var-201606-0477
Vulnerability from variot
The dsa_sign_setup function in crypto/dsa/dsa_ossl.c in OpenSSL through 1.0.2h does not properly ensure the use of constant-time operations, which makes it easier for local users to discover a DSA private key via a timing side-channel attack. OpenSSL is prone to a local information-disclosure vulnerability. Local attackers can exploit this issue to obtain sensitive information. This may aid in further attacks. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
===================================================================== Red Hat Security Advisory
Synopsis: Important: openssl security update Advisory ID: RHSA-2016:1940-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2016-1940.html Issue date: 2016-09-27 CVE Names: CVE-2016-2177 CVE-2016-2178 CVE-2016-2179 CVE-2016-2180 CVE-2016-2181 CVE-2016-2182 CVE-2016-6302 CVE-2016-6304 CVE-2016-6306 =====================================================================
- Summary:
An update for openssl is now available for Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux Client (v. 7) - x86_64 Red Hat Enterprise Linux Client Optional (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64 Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64 Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64 Red Hat Enterprise Linux HPC Node (v. 6) - x86_64 Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64 Red Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server (v. 7) - ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 7) - ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - x86_64 Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64
- Description:
OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols, as well as a full-strength general-purpose cryptography library.
Security Fix(es):
-
A memory leak flaw was found in the way OpenSSL handled TLS status request extension data during session renegotiation. A remote attacker could cause a TLS server using OpenSSL to consume an excessive amount of memory and, possibly, exit unexpectedly after exhausting all available memory, if it enabled OCSP stapling support. (CVE-2016-6304)
-
It was discovered that OpenSSL did not always use constant time operations when computing Digital Signature Algorithm (DSA) signatures. (CVE-2016-2178)
-
It was discovered that the Datagram TLS (DTLS) implementation could fail to release memory in certain cases. A malicious DTLS client could cause a DTLS server using OpenSSL to consume an excessive amount of memory and, possibly, exit unexpectedly after exhausting all available memory. (CVE-2016-2179)
-
A flaw was found in the Datagram TLS (DTLS) replay protection implementation in OpenSSL. A remote attacker could possibly use this flaw to make a DTLS server using OpenSSL to reject further packets sent from a DTLS client over an established DTLS connection. (CVE-2016-2181)
-
An out of bounds write flaw was discovered in the OpenSSL BN_bn2dec() function. An attacker able to make an application using OpenSSL to process a large BIGNUM could cause the application to crash or, possibly, execute arbitrary code. (CVE-2016-2182)
-
A flaw was found in the DES/3DES cipher was used as part of the TLS/SSL protocol. A man-in-the-middle attacker could use this flaw to recover some plaintext data by capturing large amounts of encrypted traffic between TLS/SSL server and client if the communication used a DES/3DES based ciphersuite. (CVE-2016-2183)
This update mitigates the CVE-2016-2183 issue by lowering priority of DES cipher suites so they are not preferred over cipher suites using AES. For compatibility reasons, DES cipher suites remain enabled by default and included in the set of cipher suites identified by the HIGH cipher string. Future updates may move them to MEDIUM or not enable them by default.
-
An integer underflow flaw leading to a buffer over-read was found in the way OpenSSL parsed TLS session tickets. A remote attacker could use this flaw to crash a TLS server using OpenSSL if it used SHA-512 as HMAC for session tickets. (CVE-2016-6302)
-
Multiple integer overflow flaws were found in the way OpenSSL performed pointer arithmetic. A remote attacker could possibly use these flaws to cause a TLS/SSL server or client using OpenSSL to crash. (CVE-2016-2177)
-
An out of bounds read flaw was found in the way OpenSSL formatted Public Key Infrastructure Time-Stamp Protocol data for printing. An attacker could possibly cause an application using OpenSSL to crash if it printed time stamp data from the attacker. (CVE-2016-2180)
-
Multiple out of bounds read flaws were found in the way OpenSSL handled certain TLS/SSL protocol handshake messages. A remote attacker could possibly use these flaws to crash a TLS/SSL server or client using OpenSSL. (CVE-2016-6306)
Red Hat would like to thank the OpenSSL project for reporting CVE-2016-6304 and CVE-2016-6306 and OpenVPN for reporting CVE-2016-2183. Upstream acknowledges Shi Lei (Gear Team of Qihoo 360 Inc.) as the original reporter of CVE-2016-6304 and CVE-2016-6306; and Karthikeyan Bhargavan (Inria) and GaA<<tan Leurent (Inria) as the original reporters of CVE-2016-2183.
- Solution:
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
For the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted.
- Bugs fixed (https://bugzilla.redhat.com/):
1341705 - CVE-2016-2177 openssl: Possible integer overflow vulnerabilities in codebase 1343400 - CVE-2016-2178 openssl: Non-constant time codepath followed for certain operations in DSA implementation 1359615 - CVE-2016-2180 OpenSSL: OOB read in TS_OBJ_print_bio() 1367340 - CVE-2016-2182 openssl: Out-of-bounds write caused by unchecked errors in BN_bn2dec() 1369113 - CVE-2016-2181 openssl: DTLS replay protection bypass allows DoS against DTLS connection 1369383 - CVE-2016-2183 SSL/TLS: Birthday attack against 64-bit block ciphers (SWEET32) 1369504 - CVE-2016-2179 openssl: DTLS memory exhaustion DoS when messages are not removed from fragment buffer 1369855 - CVE-2016-6302 openssl: Insufficient TLS session ticket HMAC length checks 1377594 - CVE-2016-6306 openssl: certificate message OOB reads 1377600 - CVE-2016-6304 openssl: OCSP Status Request extension unbounded memory growth
- Package List:
Red Hat Enterprise Linux Desktop (v. 6):
Source: openssl-1.0.1e-48.el6_8.3.src.rpm
i386: openssl-1.0.1e-48.el6_8.3.i686.rpm openssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm
x86_64: openssl-1.0.1e-48.el6_8.3.i686.rpm openssl-1.0.1e-48.el6_8.3.x86_64.rpm openssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm openssl-debuginfo-1.0.1e-48.el6_8.3.x86_64.rpm
Red Hat Enterprise Linux Desktop Optional (v. 6):
i386: openssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm openssl-devel-1.0.1e-48.el6_8.3.i686.rpm openssl-perl-1.0.1e-48.el6_8.3.i686.rpm openssl-static-1.0.1e-48.el6_8.3.i686.rpm
x86_64: openssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm openssl-debuginfo-1.0.1e-48.el6_8.3.x86_64.rpm openssl-devel-1.0.1e-48.el6_8.3.i686.rpm openssl-devel-1.0.1e-48.el6_8.3.x86_64.rpm openssl-perl-1.0.1e-48.el6_8.3.x86_64.rpm openssl-static-1.0.1e-48.el6_8.3.x86_64.rpm
Red Hat Enterprise Linux HPC Node (v. 6):
Source: openssl-1.0.1e-48.el6_8.3.src.rpm
x86_64: openssl-1.0.1e-48.el6_8.3.i686.rpm openssl-1.0.1e-48.el6_8.3.x86_64.rpm openssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm openssl-debuginfo-1.0.1e-48.el6_8.3.x86_64.rpm
Red Hat Enterprise Linux HPC Node Optional (v. 6):
x86_64: openssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm openssl-debuginfo-1.0.1e-48.el6_8.3.x86_64.rpm openssl-devel-1.0.1e-48.el6_8.3.i686.rpm openssl-devel-1.0.1e-48.el6_8.3.x86_64.rpm openssl-perl-1.0.1e-48.el6_8.3.x86_64.rpm openssl-static-1.0.1e-48.el6_8.3.x86_64.rpm
Red Hat Enterprise Linux Server (v. 6):
Source: openssl-1.0.1e-48.el6_8.3.src.rpm
i386: openssl-1.0.1e-48.el6_8.3.i686.rpm openssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm openssl-devel-1.0.1e-48.el6_8.3.i686.rpm
ppc64: openssl-1.0.1e-48.el6_8.3.ppc.rpm openssl-1.0.1e-48.el6_8.3.ppc64.rpm openssl-debuginfo-1.0.1e-48.el6_8.3.ppc.rpm openssl-debuginfo-1.0.1e-48.el6_8.3.ppc64.rpm openssl-devel-1.0.1e-48.el6_8.3.ppc.rpm openssl-devel-1.0.1e-48.el6_8.3.ppc64.rpm
s390x: openssl-1.0.1e-48.el6_8.3.s390.rpm openssl-1.0.1e-48.el6_8.3.s390x.rpm openssl-debuginfo-1.0.1e-48.el6_8.3.s390.rpm openssl-debuginfo-1.0.1e-48.el6_8.3.s390x.rpm openssl-devel-1.0.1e-48.el6_8.3.s390.rpm openssl-devel-1.0.1e-48.el6_8.3.s390x.rpm
x86_64: openssl-1.0.1e-48.el6_8.3.i686.rpm openssl-1.0.1e-48.el6_8.3.x86_64.rpm openssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm openssl-debuginfo-1.0.1e-48.el6_8.3.x86_64.rpm openssl-devel-1.0.1e-48.el6_8.3.i686.rpm openssl-devel-1.0.1e-48.el6_8.3.x86_64.rpm
Red Hat Enterprise Linux Server Optional (v. 6):
i386: openssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm openssl-perl-1.0.1e-48.el6_8.3.i686.rpm openssl-static-1.0.1e-48.el6_8.3.i686.rpm
ppc64: openssl-debuginfo-1.0.1e-48.el6_8.3.ppc64.rpm openssl-perl-1.0.1e-48.el6_8.3.ppc64.rpm openssl-static-1.0.1e-48.el6_8.3.ppc64.rpm
s390x: openssl-debuginfo-1.0.1e-48.el6_8.3.s390x.rpm openssl-perl-1.0.1e-48.el6_8.3.s390x.rpm openssl-static-1.0.1e-48.el6_8.3.s390x.rpm
x86_64: openssl-debuginfo-1.0.1e-48.el6_8.3.x86_64.rpm openssl-perl-1.0.1e-48.el6_8.3.x86_64.rpm openssl-static-1.0.1e-48.el6_8.3.x86_64.rpm
Red Hat Enterprise Linux Workstation (v. 6):
Source: openssl-1.0.1e-48.el6_8.3.src.rpm
i386: openssl-1.0.1e-48.el6_8.3.i686.rpm openssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm openssl-devel-1.0.1e-48.el6_8.3.i686.rpm
x86_64: openssl-1.0.1e-48.el6_8.3.i686.rpm openssl-1.0.1e-48.el6_8.3.x86_64.rpm openssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm openssl-debuginfo-1.0.1e-48.el6_8.3.x86_64.rpm openssl-devel-1.0.1e-48.el6_8.3.i686.rpm openssl-devel-1.0.1e-48.el6_8.3.x86_64.rpm
Red Hat Enterprise Linux Workstation Optional (v. 6):
i386: openssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm openssl-perl-1.0.1e-48.el6_8.3.i686.rpm openssl-static-1.0.1e-48.el6_8.3.i686.rpm
x86_64: openssl-debuginfo-1.0.1e-48.el6_8.3.x86_64.rpm openssl-perl-1.0.1e-48.el6_8.3.x86_64.rpm openssl-static-1.0.1e-48.el6_8.3.x86_64.rpm
Red Hat Enterprise Linux Client (v. 7):
Source: openssl-1.0.1e-51.el7_2.7.src.rpm
x86_64: openssl-1.0.1e-51.el7_2.7.x86_64.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.i686.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.x86_64.rpm openssl-libs-1.0.1e-51.el7_2.7.i686.rpm openssl-libs-1.0.1e-51.el7_2.7.x86_64.rpm
Red Hat Enterprise Linux Client Optional (v. 7):
x86_64: openssl-debuginfo-1.0.1e-51.el7_2.7.i686.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.x86_64.rpm openssl-devel-1.0.1e-51.el7_2.7.i686.rpm openssl-devel-1.0.1e-51.el7_2.7.x86_64.rpm openssl-perl-1.0.1e-51.el7_2.7.x86_64.rpm openssl-static-1.0.1e-51.el7_2.7.i686.rpm openssl-static-1.0.1e-51.el7_2.7.x86_64.rpm
Red Hat Enterprise Linux ComputeNode (v. 7):
Source: openssl-1.0.1e-51.el7_2.7.src.rpm
x86_64: openssl-1.0.1e-51.el7_2.7.x86_64.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.i686.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.x86_64.rpm openssl-libs-1.0.1e-51.el7_2.7.i686.rpm openssl-libs-1.0.1e-51.el7_2.7.x86_64.rpm
Red Hat Enterprise Linux ComputeNode Optional (v. 7):
x86_64: openssl-debuginfo-1.0.1e-51.el7_2.7.i686.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.x86_64.rpm openssl-devel-1.0.1e-51.el7_2.7.i686.rpm openssl-devel-1.0.1e-51.el7_2.7.x86_64.rpm openssl-perl-1.0.1e-51.el7_2.7.x86_64.rpm openssl-static-1.0.1e-51.el7_2.7.i686.rpm openssl-static-1.0.1e-51.el7_2.7.x86_64.rpm
Red Hat Enterprise Linux Server (v. 7):
Source: openssl-1.0.1e-51.el7_2.7.src.rpm
ppc64: openssl-1.0.1e-51.el7_2.7.ppc64.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.ppc.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.ppc64.rpm openssl-devel-1.0.1e-51.el7_2.7.ppc.rpm openssl-devel-1.0.1e-51.el7_2.7.ppc64.rpm openssl-libs-1.0.1e-51.el7_2.7.ppc.rpm openssl-libs-1.0.1e-51.el7_2.7.ppc64.rpm
ppc64le: openssl-1.0.1e-51.el7_2.7.ppc64le.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.ppc64le.rpm openssl-devel-1.0.1e-51.el7_2.7.ppc64le.rpm openssl-libs-1.0.1e-51.el7_2.7.ppc64le.rpm
s390x: openssl-1.0.1e-51.el7_2.7.s390x.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.s390.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.s390x.rpm openssl-devel-1.0.1e-51.el7_2.7.s390.rpm openssl-devel-1.0.1e-51.el7_2.7.s390x.rpm openssl-libs-1.0.1e-51.el7_2.7.s390.rpm openssl-libs-1.0.1e-51.el7_2.7.s390x.rpm
x86_64: openssl-1.0.1e-51.el7_2.7.x86_64.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.i686.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.x86_64.rpm openssl-devel-1.0.1e-51.el7_2.7.i686.rpm openssl-devel-1.0.1e-51.el7_2.7.x86_64.rpm openssl-libs-1.0.1e-51.el7_2.7.i686.rpm openssl-libs-1.0.1e-51.el7_2.7.x86_64.rpm
Red Hat Enterprise Linux Server Optional (v. 7):
ppc64: openssl-debuginfo-1.0.1e-51.el7_2.7.ppc.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.ppc64.rpm openssl-perl-1.0.1e-51.el7_2.7.ppc64.rpm openssl-static-1.0.1e-51.el7_2.7.ppc.rpm openssl-static-1.0.1e-51.el7_2.7.ppc64.rpm
ppc64le: openssl-debuginfo-1.0.1e-51.el7_2.7.ppc64le.rpm openssl-perl-1.0.1e-51.el7_2.7.ppc64le.rpm openssl-static-1.0.1e-51.el7_2.7.ppc64le.rpm
s390x: openssl-debuginfo-1.0.1e-51.el7_2.7.s390.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.s390x.rpm openssl-perl-1.0.1e-51.el7_2.7.s390x.rpm openssl-static-1.0.1e-51.el7_2.7.s390.rpm openssl-static-1.0.1e-51.el7_2.7.s390x.rpm
x86_64: openssl-debuginfo-1.0.1e-51.el7_2.7.i686.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.x86_64.rpm openssl-perl-1.0.1e-51.el7_2.7.x86_64.rpm openssl-static-1.0.1e-51.el7_2.7.i686.rpm openssl-static-1.0.1e-51.el7_2.7.x86_64.rpm
Red Hat Enterprise Linux Workstation (v. 7):
Source: openssl-1.0.1e-51.el7_2.7.src.rpm
x86_64: openssl-1.0.1e-51.el7_2.7.x86_64.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.i686.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.x86_64.rpm openssl-devel-1.0.1e-51.el7_2.7.i686.rpm openssl-devel-1.0.1e-51.el7_2.7.x86_64.rpm openssl-libs-1.0.1e-51.el7_2.7.i686.rpm openssl-libs-1.0.1e-51.el7_2.7.x86_64.rpm
Red Hat Enterprise Linux Workstation Optional (v. 7):
x86_64: openssl-debuginfo-1.0.1e-51.el7_2.7.i686.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.x86_64.rpm openssl-perl-1.0.1e-51.el7_2.7.x86_64.rpm openssl-static-1.0.1e-51.el7_2.7.i686.rpm openssl-static-1.0.1e-51.el7_2.7.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2016-2177 https://access.redhat.com/security/cve/CVE-2016-2178 https://access.redhat.com/security/cve/CVE-2016-2179 https://access.redhat.com/security/cve/CVE-2016-2180 https://access.redhat.com/security/cve/CVE-2016-2181 https://access.redhat.com/security/cve/CVE-2016-2182 https://access.redhat.com/security/cve/CVE-2016-6302 https://access.redhat.com/security/cve/CVE-2016-6304 https://access.redhat.com/security/cve/CVE-2016-6306 https://access.redhat.com/security/updates/classification/#important https://www.openssl.org/news/secadv/20160922.txt
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2016 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iD8DBQFX6nnFXlSAg2UNWIIRAqklAJ9uGMit/wxZ0CfuGjR7Vi2+AjmGMwCfTpEI xpTW7ApBLmKhVjs49DGYouI= =4VgY -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . Summary:
An update is now available for JBoss Core Services on RHEL 7. Description:
This release adds the new Apache HTTP Server 2.4.23 packages that are part of the JBoss Core Services offering.
This release serves as a replacement for Red Hat JBoss Core Services Pack Apache Server 2.4.6 and includes bug fixes and enhancements. Refer to the Release Notes for information on the most significant bug fixes and enhancements included in this release. (CVE-2016-2108)
-
It was found that the length checks prior to writing to the target buffer for creating a virtual host mapping rule did not take account of the length of the virtual host name, creating the potential for a buffer overflow. (CVE-2016-2177)
-
It was discovered that specifying configuration with a JVMRoute path longer than 80 characters will cause segmentation fault leading to a server crash. (CVE-2016-4459)
-
An error was found in protocol parsing logic of mod_cluster load balancer Apache HTTP Server modules. After installing the updated packages, the httpd daemon will be restarted automatically. Additional information can be found at https://www.openssl.org/blog/blog/2016/06/27/undefined-pointer-arithmetic/
CVE-2016-2178
Cesar Pereida, Billy Brumley and Yuval Yarom discovered a timing
leak in the DSA code.
CVE-2016-2179 / CVE-2016-2181
Quan Luo and the OCAP audit team discovered denial of service
vulnerabilities in DTLS.
For the stable distribution (jessie), these problems have been fixed in version 1.0.1t-1+deb8u4.
For the unstable distribution (sid), these problems will be fixed soon.
We recommend that you upgrade your openssl packages. Of these 14 vulnerabilities, the OpenSSL Software Foundation classifies one as aCritical Severity,a one as aModerate Severity,a and the other 12 as aLow Severity.a
Subsequently, on September 26, the OpenSSL Software Foundation released an additional advisory that describes two new vulnerabilities. One of the new vulnerabilities was rated as aHigh Severitya and the other as aModerate Severity.a
Of the 16 released vulnerabilities: Fourteen track issues that could result in a denial of service (DoS) condition One (CVE-2016-2183, aka SWEET32) tracks an implementation of a Birthday attack against Transport Layer Security (TLS) block ciphers that use a 64-bit block size that could result in loss of confidentiality One (CVE-2016-2178) is a timing side-channel attack that, in specific circumstances, could allow an attacker to derive the private DSA key that belongs to another user or service running on the same system
Five of the 16 vulnerabilities affect exclusively the recently released OpenSSL versions that belong to the 1.1.0 code train, which has not yet been integrated into any Cisco product.
Gentoo Linux Security Advisory GLSA 201612-16
https://security.gentoo.org/
Severity: Normal Title: OpenSSL: Multiple vulnerabilities Date: December 07, 2016 Bugs: #581234, #585142, #585276, #591454, #592068, #592074, #592082, #594500, #595186 ID: 201612-16
Synopsis
Multiple vulnerabilities have been found in OpenSSL, the worst of which allows attackers to conduct a time based side-channel attack.
Affected packages
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 dev-libs/openssl < 1.0.2j >= 1.0.2j
Description
Multiple vulnerabilities have been discovered in OpenSSL. Please review the CVE identifiers and the International Association for Cryptologic Research's (IACR) paper, "Make Sure DSA Signing Exponentiations Really are Constant-Time" for further details.
Workaround
There is no known workaround at this time.
Resolution
All OpenSSL users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=dev-libs/openssl-1.0.2j"
References
[ 1 ] CVE-2016-2105 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2105 [ 2 ] CVE-2016-2106 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2106 [ 3 ] CVE-2016-2107 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2107 [ 4 ] CVE-2016-2108 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2108 [ 5 ] CVE-2016-2109 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2109 [ 6 ] CVE-2016-2176 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2176 [ 7 ] CVE-2016-2177 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2177 [ 8 ] CVE-2016-2178 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2178 [ 9 ] CVE-2016-2180 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2180 [ 10 ] CVE-2016-2183 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2183 [ 11 ] CVE-2016-6304 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-6304 [ 12 ] CVE-2016-6305 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-6305 [ 13 ] CVE-2016-6306 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-6306 [ 14 ] CVE-2016-7052 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7052 [ 15 ] Make Sure DSA Signing Exponentiations Really are Constant-Time http://eprint.iacr.org/2016/594.pdf
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
https://security.gentoo.org/glsa/201612-16
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2016 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
. Description:
Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server. For further information, see the knowledge base article linked to in the References section. The JBoss server process must be restarted for the update to take effect. ========================================================================== Ubuntu Security Notice USN-3087-2 September 23, 2016
openssl regression
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 16.04 LTS
- Ubuntu 14.04 LTS
- Ubuntu 12.04 LTS
Summary:
USN-3087-1 introduced a regression in OpenSSL. The fix for CVE-2016-2182 was incomplete and caused a regression when parsing certificates. This update fixes the problem.
We apologize for the inconvenience. This issue has only been addressed in Ubuntu 16.04 LTS in this update. (CVE-2016-2178) Quan Luo discovered that OpenSSL did not properly restrict the lifetime of queue entries in the DTLS implementation. (CVE-2016-2181) Shi Lei discovered that OpenSSL incorrectly validated division results. (CVE-2016-2182) Karthik Bhargavan and Gaetan Leurent discovered that the DES and Triple DES ciphers were vulnerable to birthday attacks. (CVE-2016-2183) Shi Lei discovered that OpenSSL incorrectly handled certain ticket lengths. (CVE-2016-6303) Shi Lei discovered that OpenSSL incorrectly performed certain message length checks. (CVE-2016-6306)
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 16.04 LTS: libssl1.0.0 1.0.2g-1ubuntu4.5
Ubuntu 14.04 LTS: libssl1.0.0 1.0.1f-1ubuntu2.21
Ubuntu 12.04 LTS: libssl1.0.0 1.0.1-4ubuntu5.38
After a standard system update you need to reboot your computer to make all the necessary changes. (CVE-2016-6808)
- A memory leak flaw was fixed in expat. Solution:
The References section of this erratum contains a download link (you must log in to download the update). JIRA issues fixed (https://issues.jboss.org/):
JBCS-50 - CVE-2012-1148 CVE-2012-0876 expat: various flaws [jbews-3.0.0] JBCS-95 - CVE-2014-3523 httpd: WinNT MPM denial of service
6
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-201606-0477", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "linux", "scope": "eq", "trust": 1.8, "vendor": "oracle", "version": "5" }, { "model": "linux", "scope": "eq", "trust": 1.8, "vendor": "oracle", "version": "6" }, { "model": "linux", "scope": "eq", "trust": 1.8, "vendor": "oracle", "version": "7" }, { "model": "solaris", "scope": "eq", "trust": 1.8, "vendor": "oracle", "version": "10" }, { "model": "solaris", "scope": "eq", "trust": 1.8, "vendor": "oracle", "version": "11.3" }, { "model": "openssl", "scope": "eq", "trust": 1.6, "vendor": "openssl", "version": "1.0.2d" }, { "model": "openssl", "scope": "eq", "trust": 1.6, "vendor": "openssl", "version": "1.0.2c" }, { "model": "openssl", "scope": "eq", "trust": 1.6, "vendor": "openssl", "version": "1.0.2e" }, { "model": "openssl", "scope": "eq", "trust": 1.6, "vendor": "openssl", "version": "1.0.2f" }, { "model": "openssl", "scope": "eq", "trust": 1.6, "vendor": "openssl", "version": "1.0.2h" }, { "model": "openssl", "scope": "eq", "trust": 1.6, "vendor": "openssl", "version": "1.0.2g" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "1.0.1g" }, { "model": "node.js", "scope": "lte", "trust": 1.0, "vendor": "nodejs", "version": "4.1.2" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "1.0.1s" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "1.0.1f" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "1.0.1d" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "1.0.1c" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "1.0.1" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "1.0.1b" }, { "model": "node.js", "scope": "gte", "trust": 1.0, "vendor": "nodejs", "version": "0.12.0" }, { "model": "node.js", "scope": "lt", "trust": 1.0, "vendor": "nodejs", "version": "0.10.47" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "1.0.1q" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "1.0.1n" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "1.0.1a" }, { "model": "ubuntu linux", "scope": "eq", "trust": 1.0, "vendor": "canonical", "version": "14.04" }, { "model": "node.js", "scope": "gte", "trust": 1.0, "vendor": "nodejs", "version": "0.10.0" }, { "model": "linux enterprise", "scope": "eq", "trust": 1.0, "vendor": "suse", "version": "12.0" }, { "model": "node.js", "scope": "gte", "trust": 1.0, "vendor": "nodejs", "version": "5.0.0" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "1.0.1t" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "1.0.1p" }, { "model": "linux", "scope": "eq", "trust": 1.0, "vendor": "debian", "version": "8.0" }, { "model": "node.js", "scope": "lt", "trust": 1.0, "vendor": "nodejs", "version": "6.7.0" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "1.0.1i" }, { "model": "node.js", "scope": "lt", "trust": 1.0, "vendor": "nodejs", "version": "4.6.0" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "1.0.1r" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "1.0.1m" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "1.0.1k" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "1.0.1e" }, { "model": "ubuntu linux", "scope": "eq", "trust": 1.0, "vendor": "canonical", "version": "12.04" }, { "model": "node.js", "scope": "lt", "trust": 1.0, "vendor": "nodejs", "version": "0.12.16" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "1.0.1j" }, { "model": "node.js", "scope": "gte", "trust": 1.0, "vendor": "nodejs", "version": "4.2.0" }, { "model": "ubuntu linux", "scope": "eq", "trust": 1.0, "vendor": "canonical", "version": "16.04" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "1.0.1h" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "1.0.2a" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "1.0.2b" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "1.0.2" }, { "model": "node.js", "scope": "gte", "trust": 1.0, "vendor": "nodejs", "version": "4.0.0" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "1.0.1o" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "1.0.1l" }, { "model": "openssl", "scope": "lte", "trust": 0.8, "vendor": "openssl", "version": "1.0.2h" }, { "model": "linux enterprise module for web scripting", "scope": "eq", "trust": 0.8, "vendor": "suse", "version": "12" }, { "model": "capssuite", "scope": "eq", "trust": 0.8, "vendor": "nec", "version": "v3.0 to v4.0" }, { "model": "enterpriseidentitymanager", "scope": null, "trust": 0.8, "vendor": "nec", "version": null }, { "model": "esmpro/serveragentservice", "scope": "eq", "trust": 0.8, "vendor": "nec", "version": "(linux edition )" }, { "model": "express5800", "scope": "eq", "trust": 0.8, "vendor": "nec", "version": "sg3600 all series" }, { "model": "ix1000 series", "scope": null, "trust": 0.8, "vendor": "nec", "version": null }, { "model": "ix2000 series", "scope": null, "trust": 0.8, "vendor": "nec", "version": null }, { "model": "ix3000 series", "scope": null, "trust": 0.8, "vendor": "nec", "version": null }, { "model": "secureware/pki application development kit", "scope": "eq", "trust": 0.8, "vendor": "nec", "version": "ver3.2" }, { "model": "webotx application server", "scope": "eq", "trust": 0.8, "vendor": "nec", "version": "enterprise v8.2 to v9.4" }, { "model": "webotx application server", "scope": "eq", "trust": 0.8, "vendor": "nec", "version": "express v8.2 to v9.4" }, { "model": "webotx application server", "scope": "eq", "trust": 0.8, "vendor": "nec", "version": "foundation v8.2 to v8.5" }, { "model": "webotx application server", "scope": "eq", "trust": 0.8, "vendor": "nec", "version": "standard v8.2 to v9.4" }, { "model": "webotx enterprise service bus", "scope": "eq", "trust": 0.8, "vendor": "nec", "version": "v8.2 to v8.5" }, { "model": "webotx portal", "scope": "eq", "trust": 0.8, "vendor": "nec", "version": "v8.2 to v9.1" }, { "model": "stealthwatch udp director", "scope": "eq", "trust": 0.6, "vendor": "cisco", "version": "0" }, { "model": "paging server", "scope": "eq", "trust": 0.6, "vendor": "cisco", "version": "0" }, { "model": "content security management appliance", "scope": "eq", "trust": 0.6, "vendor": "cisco", "version": "0" }, { "model": "cloud web security", "scope": "eq", "trust": 0.6, "vendor": "cisco", "version": "0" }, { "model": "vm virtualbox", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "5.0.26" }, { "model": "vm virtualbox", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "5.0.22" }, { "model": "vm virtualbox", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "5.0.16" }, { "model": "vm virtualbox", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "5.0.14" }, { "model": "vm virtualbox", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "5.0.13" }, { "model": "vm virtualbox", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "5.0.12" }, { "model": "vm virtualbox", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "5.0.11" }, { "model": "vm virtualbox", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "5.0.10" }, { "model": "vm virtualbox", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "5.0.9" }, { "model": "vm virtualbox", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "5.0.8" }, { "model": "vm virtualbox", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "5.0.18" }, { "model": "vm virtualbox", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "5.0" }, { "model": "transportation management", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "6.2" }, { "model": "transportation management", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "6.1" }, { "model": "secure global desktop", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "5.3" }, { "model": "secure global desktop", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "5.2" }, { "model": "secure global desktop", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "4.71" }, { "model": "peoplesoft enterprise peopletools", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "8.55" }, { "model": "peoplesoft enterprise peopletools", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "8.54" }, { "model": "oss support tools", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "8.9.15.9.8" }, { "model": "oss support tools", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "8.8.15.7.15" }, { "model": "mysql workbench", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "6.3.8" }, { "model": "mysql workbench", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "6.1.5" }, { "model": "mysql workbench", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "6.1.4" }, { "model": "mysql enterprise monitor", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "3.3.0.1098" }, { "model": "mysql enterprise monitor", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "3.2.4.1102" }, { "model": "mysql enterprise monitor", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "3.1.4.7895" }, { "model": "mysql", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "5.7.15" }, { "model": "mysql", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "5.7.14" }, { "model": "mysql", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "5.7.13" }, { "model": "mysql", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "5.7.12" }, { "model": "mysql", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "5.7.9" }, { "model": "mysql", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "5.7.8" }, { "model": "mysql", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "5.7.7" }, { "model": "mysql", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "5.7.6" }, { "model": "mysql", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "5.7.5" }, { "model": "mysql", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "5.7.4" }, { "model": "mysql", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "5.7.3" }, { "model": "mysql", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "5.7.2" }, { "model": "mysql", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "5.6.33" }, { "model": "mysql", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "5.6.32" }, { "model": "mysql", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "5.6.31" }, { "model": "mysql", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "5.6.30" }, { "model": "mysql", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "5.6.28" }, { "model": "mysql", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "5.6.27" }, { "model": "mysql", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "5.6.26" }, { "model": "mysql", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "5.6.25" }, { "model": "mysql", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "5.6.24" }, { "model": "mysql", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "5.6.23" }, { "model": "mysql", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "5.6.22" }, { "model": "mysql", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "5.6.21" }, { "model": "mysql", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "5.6.17" }, { "model": "mysql", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "5.6.12" }, { "model": "mysql", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "5.6.11" }, { "model": "mysql", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "5.6.10" }, { "model": "mysql", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "5.6.9" }, { "model": "mysql", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "5.6.6" }, { "model": "mysql", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "5.6" }, { "model": "mysql", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "5.7.11" }, { "model": "mysql", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "5.7.10" }, { "model": "mysql", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "5.6.8" }, { "model": "mysql", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "5.6.7" }, { "model": "mysql", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "5.6.5" }, { "model": "mysql", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "5.6.4" }, { "model": "mysql", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "5.6.29" }, { "model": "mysql", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "5.6.20" }, { "model": "mysql", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "5.6.2" }, { "model": "mysql", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "5.6.19" }, { "model": "mysql", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "5.6.18" }, { "model": "mysql", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "5.6.16" }, { "model": "mysql", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "5.6.15" }, { "model": "mysql", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "5.6.14" }, { "model": "mysql", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "5.6.13" }, { "model": "jd edwards enterpriseone tools", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "9.2.1.1" }, { "model": "enterprise manager ops center", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "12.3.2" }, { "model": "enterprise manager ops center", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "12.2.2" }, { "model": "enterprise manager ops center", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "12.1.4" }, { "model": "enterprise manager base platform", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "12.1" }, { "model": "enterprise manager base platform", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "13.2.0.0" }, { "model": "enterprise manager base platform", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "13.1.0.0" }, { "model": "enterprise linux", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "5" }, { "model": "communications network charging and control", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "5.0.2.0" }, { "model": "communications network charging and control", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "5.0.1.0" }, { "model": "communications network charging and control", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "5.0.0.2" }, { "model": "communications network charging and control", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "5.0.0.1" }, { "model": "communications network charging and control", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "4.4.1.5.0" }, { "model": "commerce guided search", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "6.5.2" }, { "model": "commerce guided search", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "6.5.1" }, { "model": "commerce guided search", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "6.5" }, { "model": "commerce guided search", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "6.3" }, { "model": "commerce guided search", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "6.2.2" }, { "model": "commerce guided search", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "6.4.1.2" }, { "model": "commerce experience manager", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "6.5.2" }, { "model": "commerce experience manager", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "6.5.1" }, { "model": "commerce experience manager", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "6.5" }, { "model": "commerce experience manager", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "6.3" }, { "model": "commerce experience manager", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "6.2.2" }, { "model": "commerce experience manager", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "6.4.1.2" }, { "model": "business intelligence enterprise edition", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "12.2.1.3.0" }, { "model": "business intelligence enterprise edition", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "12.2.1.2.0" }, { "model": "business intelligence enterprise edition", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "11.1.1.9.0" }, { "model": "business intelligence enterprise edition", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "11.1.1.7.0" }, { "model": "api gateway", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "11.1.2.4.0" }, { "model": "access manager", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "10.1.4.3.0" }, { "model": "project openssl 1.0.0h", "scope": "eq", "trust": 0.3, "vendor": "openssl", "version": "0" }, { "model": "project openssl 0.9.8u", "scope": "eq", "trust": 0.3, "vendor": "openssl", "version": "0" }, { "model": "project openssl", "scope": "eq", "trust": 0.3, "vendor": "openssl", "version": "1.0.11" }, { "model": "project openssl", "scope": "eq", "trust": 0.3, "vendor": "openssl", "version": "1.0.2" }, { "model": "project openssl", "scope": "eq", "trust": 0.3, "vendor": "openssl", "version": "1.0" }, { "model": "project openssl k", "scope": "eq", "trust": 0.3, "vendor": "openssl", "version": "0.9.8" }, { "model": "project openssl j", "scope": "eq", "trust": 0.3, "vendor": "openssl", "version": "0.9.8" }, { "model": "project openssl i", "scope": "eq", "trust": 0.3, "vendor": "openssl", "version": "0.9.8" }, { "model": "project openssl h", "scope": "eq", "trust": 0.3, "vendor": "openssl", "version": "0.9.8" }, { "model": "project openssl e", "scope": "eq", "trust": 0.3, "vendor": "openssl", "version": "0.9.8" }, { "model": "project openssl d", "scope": "eq", "trust": 0.3, "vendor": "openssl", "version": "0.9.8" }, { "model": "project openssl c", "scope": "eq", "trust": 0.3, "vendor": "openssl", "version": "0.9.8" }, { "model": "project openssl b", "scope": "eq", "trust": 0.3, "vendor": "openssl", "version": "0.9.8" }, { "model": "project openssl a", "scope": "eq", "trust": 0.3, "vendor": "openssl", "version": "0.9.8" }, { "model": "project openssl", "scope": "eq", "trust": 0.3, "vendor": "openssl", "version": "0.9.8" }, { "model": "project openssl m", "scope": "eq", "trust": 0.3, "vendor": "openssl", "version": "0.9.7" }, { "model": "project openssl l", "scope": "eq", "trust": 0.3, "vendor": "openssl", "version": "0.9.7" }, { "model": "project openssl k", "scope": "eq", "trust": 0.3, "vendor": "openssl", "version": "0.9.7" }, { "model": "project openssl j", "scope": "eq", "trust": 0.3, "vendor": "openssl", "version": "0.9.7" }, { "model": "project openssl i", "scope": "eq", "trust": 0.3, "vendor": "openssl", "version": "0.9.7" }, { "model": "project openssl h", "scope": "eq", "trust": 0.3, "vendor": "openssl", "version": "0.9.7" }, { "model": "project openssl g", "scope": "eq", "trust": 0.3, "vendor": "openssl", "version": "0.9.7" }, { "model": "project openssl f", "scope": "eq", "trust": 0.3, "vendor": "openssl", "version": "0.9.7" }, { "model": "project openssl e", "scope": "eq", "trust": 0.3, "vendor": "openssl", "version": "0.9.7" }, { "model": "project openssl d", "scope": "eq", "trust": 0.3, "vendor": "openssl", "version": "0.9.7" }, { "model": "project openssl c", "scope": "eq", "trust": 0.3, "vendor": "openssl", "version": "0.9.7" }, { "model": "project openssl b", "scope": "eq", "trust": 0.3, "vendor": "openssl", "version": "0.9.7" }, { "model": "project openssl a", "scope": "eq", "trust": 0.3, "vendor": "openssl", "version": "0.9.7" }, { "model": "project openssl", "scope": "eq", "trust": 0.3, "vendor": "openssl", "version": "0.9.7" }, { "model": "project openssl m", "scope": "eq", "trust": 0.3, "vendor": "openssl", "version": "0.9.6" }, { "model": "project openssl l", "scope": "eq", "trust": 0.3, "vendor": "openssl", "version": "0.9.6" }, { "model": "project openssl k", "scope": "eq", "trust": 0.3, "vendor": "openssl", "version": "0.9.6" }, { "model": "project openssl j", "scope": "eq", "trust": 0.3, "vendor": "openssl", "version": "0.9.6" }, { "model": "project openssl i", "scope": "eq", "trust": 0.3, "vendor": "openssl", "version": "0.9.6" }, { "model": "project openssl h", "scope": "eq", "trust": 0.3, "vendor": "openssl", "version": "0.9.6" }, { "model": "project openssl g", "scope": "eq", "trust": 0.3, "vendor": "openssl", "version": "0.9.6" }, { "model": "project openssl f", "scope": "eq", "trust": 0.3, "vendor": "openssl", "version": "0.9.6" }, { "model": "project openssl e", "scope": "eq", "trust": 0.3, "vendor": "openssl", "version": "0.9.6" }, { "model": "project openssl d", "scope": "eq", "trust": 0.3, "vendor": "openssl", "version": "0.9.6" }, { "model": "project openssl c", "scope": "eq", "trust": 0.3, "vendor": "openssl", "version": "0.9.6" }, { "model": "project openssl b", "scope": "eq", "trust": 0.3, "vendor": "openssl", "version": "0.9.6" }, { "model": "project openssl a", "scope": "eq", "trust": 0.3, "vendor": "openssl", "version": "0.9.6" }, { "model": "project openssl", "scope": "eq", "trust": 0.3, "vendor": "openssl", "version": "0.9.6" }, { "model": "project openssl", "scope": "eq", "trust": 0.3, "vendor": "openssl", "version": "0.9.5" }, { "model": "project openssl", "scope": "eq", "trust": 0.3, "vendor": "openssl", "version": "0.9.4" }, { "model": "project openssl", "scope": "eq", "trust": 0.3, "vendor": "openssl", "version": "0.9.3" }, { "model": "project openssl b", "scope": "eq", "trust": 0.3, "vendor": "openssl", "version": "0.9.2" }, { "model": "project openssl c", "scope": "eq", "trust": 0.3, "vendor": "openssl", "version": "0.9.1" }, { "model": "project openssl 1.0.2h", "scope": null, "trust": 0.3, "vendor": "openssl", "version": null }, { "model": "project openssl 1.0.2g", "scope": null, "trust": 0.3, "vendor": "openssl", "version": null }, { "model": "project openssl 1.0.2f", "scope": null, "trust": 0.3, "vendor": "openssl", "version": null }, { "model": "project openssl 1.0.2e", "scope": null, "trust": 0.3, "vendor": "openssl", "version": null }, { "model": "project openssl 1.0.2d", "scope": null, "trust": 0.3, "vendor": "openssl", "version": null }, { "model": "project openssl 1.0.2c", "scope": null, "trust": 0.3, "vendor": "openssl", "version": null }, { "model": "project openssl 1.0.2b", "scope": null, "trust": 0.3, "vendor": "openssl", "version": null }, { "model": "project openssl 1.0.2a", "scope": null, "trust": 0.3, "vendor": "openssl", "version": null }, { "model": "project openssl 1.0.1t", "scope": null, "trust": 0.3, "vendor": "openssl", "version": null }, { "model": "project openssl 1.0.1s", "scope": null, "trust": 0.3, "vendor": "openssl", "version": null }, { "model": "project openssl 1.0.1r", "scope": null, "trust": 0.3, "vendor": "openssl", "version": null }, { "model": "project openssl 1.0.1q", "scope": null, "trust": 0.3, "vendor": "openssl", "version": null }, { "model": "project openssl 1.0.1p", "scope": null, "trust": 0.3, "vendor": "openssl", "version": null }, { "model": "project openssl 1.0.1o", "scope": null, "trust": 0.3, "vendor": "openssl", "version": null }, { "model": "project openssl 1.0.1n", "scope": null, "trust": 0.3, "vendor": "openssl", "version": null }, { "model": "project openssl 1.0.1m", "scope": null, "trust": 0.3, "vendor": "openssl", "version": null }, { "model": "project openssl 1.0.1l", "scope": null, "trust": 0.3, "vendor": "openssl", "version": null }, { "model": "project openssl 1.0.1k", "scope": null, "trust": 0.3, "vendor": "openssl", "version": null }, { "model": "project openssl 1.0.1j", "scope": null, "trust": 0.3, "vendor": "openssl", "version": null }, { "model": "project openssl 1.0.1i", "scope": null, "trust": 0.3, "vendor": "openssl", "version": null }, { "model": "project openssl 1.0.1h", "scope": null, "trust": 0.3, "vendor": "openssl", "version": null }, { "model": "project openssl 1.0.1g", "scope": null, "trust": 0.3, "vendor": "openssl", "version": null }, { "model": "project openssl 1.0.1f", "scope": null, "trust": 0.3, "vendor": "openssl", "version": null }, { "model": "project openssl 1.0.1e", "scope": null, "trust": 0.3, "vendor": "openssl", "version": null }, { "model": "project openssl 1.0.1d", "scope": null, "trust": 0.3, "vendor": "openssl", "version": null }, { "model": "project openssl 1.0.1c", "scope": null, "trust": 0.3, "vendor": "openssl", "version": null }, { "model": "project openssl 1.0.1b", "scope": null, "trust": 0.3, "vendor": "openssl", "version": null }, { "model": "project openssl 1.0.1a", "scope": null, "trust": 0.3, "vendor": "openssl", "version": null }, { "model": "project openssl", "scope": "eq", "trust": 0.3, "vendor": "openssl", "version": "1.0.1" }, { "model": "project openssl", "scope": "eq", "trust": 0.3, "vendor": "openssl", "version": "1.0.0x" }, { "model": "project openssl 1.0.0t", "scope": null, "trust": 0.3, "vendor": "openssl", "version": null }, { "model": "project openssl 1.0.0s", "scope": null, "trust": 0.3, "vendor": "openssl", "version": null }, { "model": "project openssl 1.0.0r", "scope": null, "trust": 0.3, "vendor": "openssl", "version": null }, { "model": "project openssl 1.0.0q", "scope": null, "trust": 0.3, "vendor": "openssl", "version": null }, { "model": "project openssl 1.0.0p", "scope": null, "trust": 0.3, "vendor": "openssl", "version": null }, { "model": "project openssl 1.0.0o", "scope": null, "trust": 0.3, "vendor": "openssl", "version": null }, { "model": "project openssl 1.0.0n", "scope": null, "trust": 0.3, "vendor": "openssl", "version": null }, { "model": "project openssl 1.0.0m", "scope": null, "trust": 0.3, "vendor": "openssl", "version": null }, { "model": "project openssl 1.0.0l", "scope": null, "trust": 0.3, "vendor": "openssl", "version": null }, { "model": "project openssl 1.0.0k", "scope": null, "trust": 0.3, "vendor": "openssl", "version": null }, { "model": "project openssl 1.0.0j", "scope": null, "trust": 0.3, "vendor": "openssl", "version": null }, { "model": "project openssl 1.0.0i", "scope": null, "trust": 0.3, "vendor": "openssl", "version": null }, { "model": "project openssl 1.0.0g", "scope": null, "trust": 0.3, "vendor": "openssl", "version": null }, { "model": "project openssl 1.0.0f", "scope": null, "trust": 0.3, "vendor": "openssl", "version": null }, { "model": "project openssl 1.0.0e", "scope": null, "trust": 0.3, "vendor": "openssl", "version": null }, { "model": "project openssl 1.0.0d", "scope": null, "trust": 0.3, "vendor": "openssl", "version": null }, { "model": "project openssl 1.0.0c", "scope": null, "trust": 0.3, "vendor": "openssl", "version": null }, { "model": "project openssl 1.0.0b", "scope": null, "trust": 0.3, "vendor": "openssl", "version": null }, { "model": "project openssl 1.0.0a", "scope": null, "trust": 0.3, "vendor": "openssl", "version": null }, { "model": "project openssl 0.9.8zh", "scope": null, "trust": 0.3, "vendor": "openssl", "version": null }, { "model": "project openssl 0.9.8zg", "scope": null, "trust": 0.3, "vendor": "openssl", "version": null }, { "model": "project openssl 0.9.8zf", "scope": null, "trust": 0.3, "vendor": "openssl", "version": null }, { "model": "project openssl 0.9.8ze", "scope": null, "trust": 0.3, "vendor": "openssl", "version": null }, { "model": "project openssl 0.9.8zd", "scope": null, "trust": 0.3, "vendor": "openssl", "version": null }, { "model": "project openssl 0.9.8zc", "scope": null, "trust": 0.3, "vendor": "openssl", "version": null }, { "model": "project openssl 0.9.8zb", "scope": null, "trust": 0.3, "vendor": "openssl", "version": null }, { "model": "project openssl 0.9.8za", "scope": null, "trust": 0.3, "vendor": "openssl", "version": null }, { "model": "project openssl 0.9.8y", "scope": null, "trust": 0.3, "vendor": "openssl", "version": null }, { "model": "project openssl", "scope": "eq", "trust": 0.3, "vendor": "openssl", "version": "0.9.8x" }, { "model": "project openssl 0.9.8w", "scope": null, "trust": 0.3, "vendor": "openssl", "version": null }, { "model": "project openssl 0.9.8t", "scope": null, "trust": 0.3, "vendor": "openssl", "version": null }, { "model": "project openssl 0.9.8s", "scope": null, "trust": 0.3, "vendor": "openssl", "version": null }, { "model": "project openssl 0.9.8r", "scope": null, "trust": 0.3, "vendor": "openssl", "version": null }, { "model": "project openssl 0.9.8q", "scope": null, "trust": 0.3, "vendor": "openssl", "version": null }, { "model": "project openssl 0.9.8p", "scope": null, "trust": 0.3, "vendor": "openssl", "version": null }, { "model": "project openssl 0.9.8o", "scope": null, "trust": 0.3, "vendor": "openssl", "version": null }, { "model": "project openssl 0.9.8n", "scope": null, "trust": 0.3, "vendor": "openssl", "version": null }, { "model": "project openssl 0.9.8m", "scope": null, "trust": 0.3, "vendor": "openssl", "version": null }, { "model": "project openssl 0.9.8l", "scope": null, "trust": 0.3, "vendor": "openssl", "version": null }, { "model": "project openssl 0.9.8g", "scope": null, "trust": 0.3, "vendor": "openssl", "version": null }, { "model": "project openssl 0.9.8f", "scope": null, "trust": 0.3, "vendor": "openssl", "version": null }, { "model": "project openssl", "scope": "eq", "trust": 0.3, "vendor": "openssl", "version": "0.9.8." }, { "model": "project openssl f", "scope": "eq", "trust": 0.3, "vendor": "openssl", "version": "0.9.8" }, { "model": "project openssl", "scope": "eq", "trust": 0.3, "vendor": "openssl", "version": "0.9.8v" }, { "model": "email gateway", "scope": "eq", "trust": 0.3, "vendor": "mcafee", "version": "7.6.405" }, { "model": "email gateway", "scope": "eq", "trust": 0.3, "vendor": "mcafee", "version": "7.6.404" }, { "model": "email gateway", "scope": "eq", "trust": 0.3, "vendor": "mcafee", "version": "7.6.403" }, { "model": "email gateway", "scope": "eq", "trust": 0.3, "vendor": "mcafee", "version": "7.6.402" }, { "model": "email gateway", "scope": "eq", "trust": 0.3, "vendor": "mcafee", "version": "7.6.401" }, { "model": "email gateway", "scope": "eq", "trust": 0.3, "vendor": "mcafee", "version": "7.6.400" }, { "model": "email gateway", "scope": "eq", "trust": 0.3, "vendor": "mcafee", "version": "7.6.4" }, { "model": "email gateway", "scope": "eq", "trust": 0.3, "vendor": "mcafee", "version": "7.6.3" }, { "model": "email gateway 7.6.405h1165239", "scope": null, "trust": 0.3, "vendor": "mcafee", "version": null }, { "model": "email gateway 7.6.405h1157986", "scope": null, "trust": 0.3, "vendor": "mcafee", "version": null }, { "model": "email gateway", "scope": "eq", "trust": 0.3, "vendor": "mcafee", "version": "7.6.3.2" }, { "model": "email gateway", "scope": "eq", "trust": 0.3, "vendor": "mcafee", "version": "7.6.3.1" }, { "model": "email gateway 7.6.2h968406", "scope": null, "trust": 0.3, "vendor": "mcafee", "version": null }, { "model": "email gateway", "scope": "eq", "trust": 0.3, "vendor": "mcafee", "version": "7.6.1" }, { "model": "email gateway", "scope": "eq", "trust": 0.3, "vendor": "mcafee", "version": "7.6" }, { "model": "worklight enterprise edition", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "6.1.0.2" }, { "model": "worklight enterprise edition", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "6.1.0.1" }, { "model": "worklight enterprise edition", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "6.1.0.0" }, { "model": "worklight consumer edition", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "6.1.0.2" }, { "model": "worklight consumer edition", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "6.1.0.1" }, { "model": "worklight consumer edition", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "6.1.0.0" }, { "model": "vios", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "2.2" }, { "model": "tivoli provisioning manager for os deployment build", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "5.1.151.05" }, { "model": "tivoli provisioning manager for os deployment intirim fix", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "5.133" }, { "model": "tivoli provisioning manager for os deployment", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "5.1.3" }, { "model": "tivoli provisioning manager for os deployment", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "5.1.116" }, { "model": "tivoli provisioning manager for os deployment", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "5.1" }, { "model": "tivoli provisioning manager for os deployment build", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.1.20280.6" }, { "model": "tivoli provisioning manager for os deployment", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.1.19" }, { "model": "tivoli provisioning manager for os deployment", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.1" }, { "model": "tivoli provisioning manager for os deployment 5.1.fix pack", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "3" }, { "model": "tivoli provisioning manager for os deployment build", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "5.1.1051.07" }, { "model": "tivoli provisioning manager for os deployment", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "5.1.0.2" }, { "model": "tivoli provisioning manager for images system edition", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "x7.1.1.0" }, { "model": "tivoli provisioning manager for images build", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.1.20280.6" }, { "model": "tivoli provisioning manager for images", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.1.19" }, { "model": "tivoli provisioning manager for images", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.1.0" }, { "model": "tealeaf customer experience on cloud network capture add-on", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "16.1.01" }, { "model": "tealeaf customer experience", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.0.2" }, { "model": "tealeaf customer experience", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.0" }, { "model": "tealeaf customer experience", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.6" }, { "model": "tealeaf customer experience", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.0" }, { "model": "storwize unified", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "v70001.6.1.0" }, { "model": "storwize unified", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "v70001.6.0.1" }, { "model": "storwize unified", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "v70001.6.0.0" }, { "model": "storwize unified", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "v70001.5.2.4" }, { "model": "storwize unified", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "v70001.5.2.3" }, { "model": "storwize unified", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "v70001.5.2.2" }, { "model": "storwize unified", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "v70001.5.2.1" }, { "model": "storwize unified", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "v70001.5.2.0" }, { "model": "storwize unified", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "v70001.5.1.3" }, { "model": "storwize unified", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "v70001.5.1.0" }, { "model": "storwize unified", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "v70001.5.0.2" }, { "model": "storwize unified", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "v70001.5.0.1" }, { "model": "storwize unified", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "v70001.5.0.0" }, { "model": "storediq", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.6" }, { "model": "sterling connect:express for unix", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "1.5.0.9" }, { "model": "sterling connect:express for unix", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "1.5.0.13" }, { "model": "sterling connect:express for unix", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "1.5.0.12" }, { "model": "sterling connect:express for unix", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "1.5.0.11" }, { "model": "sterling connect:express for unix", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "1.5.0" }, { "model": "sterling connect:express for unix", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "1.4.6" }, { "model": "sterling connect:express for unix", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "1.4" }, { "model": "sonas", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "1.5.2.4" }, { "model": "sonas", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "1.5.2.3" }, { "model": "sonas", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "1.5.2.2" }, { "model": "sonas", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "1.5.2.1" }, { "model": "sonas", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "1.5.2.0" }, { "model": "sonas", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "1.5.1.3" }, { "model": "sonas", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "1.5.1.0" }, { "model": "sonas", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "1.5.0.2" }, { "model": "sonas", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "1.5.0.1" }, { "model": "sonas", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "1.5.0.0" }, { "model": "smartcloud entry", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "3.2" }, { "model": "smartcloud entry", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "2.2" }, { "model": "smartcloud entry appliance fp", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "3.2.0.4" }, { "model": "smartcloud entry appliance fp", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "3.1.0.4" }, { "model": "smartcloud entry", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "3.1" }, { "model": "smartcloud entry appliance fi", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "2.4.0.4" }, { "model": "smartcloud entry", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "2.4.0" }, { "model": "smartcloud entry appliance fi", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "2.3.0.4" }, { "model": "smartcloud entry", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "2.3.0" }, { "model": "smartcloud entry appliance fi", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "2.2.0.4" }, { "model": "service delivery manager", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.2.4" }, { "model": "service delivery manager", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.2.3" }, { "model": "service delivery manager", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.2.2" }, { "model": "service delivery manager", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.2.1" }, { "model": "security virtual server protection for vmware", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "1.1.1" }, { "model": "security virtual server protection for vmware", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "1.1.0.1" }, { "model": "security virtual server protection for vmware", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "1.1" }, { "model": "security network protection", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "5.3.3" }, { "model": "security network protection", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "5.3.2" }, { "model": "security network protection", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "5.3.1" }, { "model": "security network protection", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "5.3.2.4" }, { "model": "security network protection", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "5.3.2.3" }, { "model": "security network protection", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "5.3.2.2" }, { "model": "security network protection", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "5.3.2.1" }, { "model": "security network protection", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "5.3.1.9" }, { "model": "security network protection", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "5.3.1.8" }, { "model": "security network protection", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "5.3.1.6" }, { "model": "security network protection", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "5.3.1.5" }, { "model": "security network protection", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "5.3.1.4" }, { "model": "security network protection", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "5.3.1.3" }, { "model": "security network protection", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "5.3.1.2" }, { "model": "security network protection", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "5.3.1.10" }, { "model": "security network protection", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "5.3.1.1" }, { "model": "security guardium", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "10.0.1" }, { "model": "security guardium", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "10.1.2" }, { "model": "security guardium", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "10.1" }, { "model": "security guardium", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "10.0" }, { "model": "sdk for node.js", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "6.6.0.0" }, { "model": "sdk for node.js", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "6.2.0.0" }, { "model": "sdk for node.js", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "6.1.0.0" }, { "model": "sdk for node.js", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "6.0.0.0" }, { "model": "sdk for node.js", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.5.0.0" }, { "model": "sdk for node.js", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.4.6.0" }, { "model": "sdk for node.js", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.4.5.0" }, { "model": "sdk for node.js", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.4.4.0" }, { "model": "sdk for node.js", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.4.3.0" }, { "model": "sdk for node.js", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.4.2.0" }, { "model": "sdk for node.js", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.4.1.0" }, { "model": "sdk for node.js", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.4.0.0" }, { "model": "sdk for node.js", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.3.2.0" }, { "model": "sdk for node.js", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.3.1.0" }, { "model": "sdk for node.js", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "1.2.0.9" }, { "model": "sdk for node.js", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "1.2.0.8" }, { "model": "sdk for node.js", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "1.2.0.4" }, { "model": "sdk for node.js", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "1.2.0.3" }, { "model": "sdk for node.js", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "1.2.0.2" }, { "model": "sdk for node.js", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "1.2.0.14" }, { "model": "sdk for node.js", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "1.2.0.13" }, { "model": "sdk for node.js", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "1.2.0.12" }, { "model": "sdk for node.js", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "1.2.0.11" }, { "model": "sdk for node.js", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "1.2.0.10" }, { "model": "sdk for node.js", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "1.2.0.1" }, { "model": "sdk for node.js", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "1.1.1.3" }, { "model": "sdk for node.js", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "1.1.1.2" }, { "model": "sdk for node.js", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "1.1.1.1" }, { "model": "sdk for node.js", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "1.1.1.0" }, { "model": "sdk for node.js", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "1.1.0.9" }, { "model": "sdk for node.js", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "1.1.0.7" }, { "model": "sdk for node.js", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "1.1.0.6" }, { "model": "sdk for node.js", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "1.1.0.5" }, { "model": "sdk for node.js", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "1.1.0.3" }, { "model": "sdk for node.js", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "1.1.0.21" }, { "model": "sdk for node.js", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "1.1.0.20" }, { "model": "sdk for node.js", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "1.1.0.2" }, { "model": "sdk for node.js", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "1.1.0.19" }, { "model": "sdk for node.js", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "1.1.0.18" }, { "model": "sdk for node.js", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "1.1.0.15" }, { "model": "sdk for node.js", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "1.1.0.14" }, { "model": "sdk for node.js", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "1.1.0.13" }, { "model": "sdk for node.js", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "1.1.0.12" }, { "model": "sdk for node.js", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "1.1" }, { "model": "rrdi", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "5.0.2" }, { "model": "rrdi", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "5.0.1" }, { "model": "rrdi", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "2.0.6" }, { "model": "rrdi", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "2.0.5" }, { "model": "rrdi", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "2.0.4" }, { "model": "rrdi", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "2.0.3" }, { "model": "rrdi", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "2.0.1" }, { "model": "rrdi", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "5.0" }, { "model": "rrdi", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "2.0" }, { "model": "rational insight", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "1.1.13" }, { "model": "rational insight", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "1.1.12" }, { "model": "rational insight", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "1.1.11" }, { "model": "rational insight", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "1.1.1" }, { "model": "rational insight", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "1.1.1.7" }, { "model": "rational insight", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "1.1.1.6" }, { "model": "rational insight", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "1.1.1.5" }, { "model": "rational insight", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "1.1.1.4" }, { "model": "rational insight", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "1.1" }, { "model": "rational application developer for websphere software", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.5" }, { "model": "rational application developer for websphere software", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.1" }, { "model": "powerkvm", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "3.1" }, { "model": "powerkvm", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "2.1" }, { "model": "openssh for gpfs", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "3.5" }, { "model": "mobilefirst platform foundation", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.0.0.0" }, { "model": "mobilefirst platform foundation", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.0.0" }, { "model": "mobilefirst platform foundation", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.0.0.0" }, { "model": "mobilefirst platform foundation", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "6.3.0.0" }, { "model": "lotus protector for mail security", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "2.8.3.0" }, { "model": "i", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.3" }, { "model": "i", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.2" }, { "model": "i", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1" }, { "model": "flex system manager", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "1.3.20" }, { "model": "flex system manager", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "1.3.4.0" }, { "model": "flex system manager", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "1.3.3.0" }, { "model": "cognos metrics manager", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "10.2.2" }, { "model": "cognos metrics manager", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "10.2.1" }, { "model": "cognos metrics manager", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "10.1.1" }, { "model": "cognos metrics manager", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "10.2" }, { "model": "cognos business intelligence server", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "10.2.2" }, { "model": "cognos business intelligence server", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "10.2.11" }, { "model": "cognos business intelligence server", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "10.2.1" }, { "model": "cognos business intelligence server", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "10.1.1" }, { "model": "cognos business intelligence server", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "10.2" }, { "model": "bigfix remote control", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.1.2" }, { "model": "api management", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.0" }, { "model": "api connect", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "5.0" }, { "model": "aix", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.2" }, { "model": "aix", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1" }, { "model": "aix", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "6.1" }, { "model": "aix", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "5.3" }, { "model": "wide area application services", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "webex node for mcs", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "webex meetings server ssl gateway", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "-0" }, { "model": "webex meetings server multimedia platform", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "-0" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "2.0" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "1.0" }, { "model": "webex meetings for windows phone", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "80" }, { "model": "webex meetings for blackberry", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "webex meetings for android", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "webex meetings client on-premises", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "-0" }, { "model": "webex meetings client hosted", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "-0" }, { "model": "webex meeting center", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "webex business suite", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "web security appliance", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "visual quality experience tools server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "visual quality experience server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "virtualization experience media edition", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "virtual security gateway for microsoft hyper-v", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "virtual security gateway", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "videoscape control suite", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "videoscape anyres live", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "video surveillance ptz ip cameras", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "video surveillance media server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "video surveillance series ip cameras", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "70000" }, { "model": "video surveillance series ip cameras", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "60000" }, { "model": "video surveillance 4300e and 4500e high-definition ip cameras", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "video surveillance series high-definition ip cameras", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "40000" }, { "model": "video surveillance series ip cameras", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "30000" }, { "model": "video distribution suite for internet streaming", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "universal small cell iuh", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "universal small cell cloudbase factory recovery root filesystem", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "2.99.4" }, { "model": "universal small cell cloudbase factory recovery root filesystem", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "universal small cell series", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "70003.4.2.0" }, { "model": "universal small cell series", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "50003.4.2.0" }, { "model": "universal small cell series", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "50000" }, { "model": "unity express", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "unity connection", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "unified workforce optimization quality management solution", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "-0" }, { "model": "unified workforce optimization", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "unified wireless ip phone", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "unified sip proxy software", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "unified sip proxy", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "unified meetingplace", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "unified ip phone", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "99710" }, { "model": "unified ip phone", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "99510" }, { "model": "unified ip phone", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "89610" }, { "model": "unified ip phone", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "89450" }, { "model": "unified ip conference phone for third-party call control", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "88310" }, { "model": "unified ip conference phone", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "88310" }, { "model": "unified ip series phones", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "79000" }, { "model": "unified ip phone", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "69450" }, { "model": "unified ip phone", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "69010" }, { "model": "unified intelligent contact management enterprise", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "unified intelligence center", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "unified contact center express", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "unified contact center enterprise live data server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "-0" }, { "model": "unified contact center enterprise", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "unified communications manager session management edition", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "unified communications manager im \u0026 presence service (formerly c", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "unified communications manager", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "unified communications domain manager", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "unified attendant console standard", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "unified attendant console premium edition", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "unified attendant console enterprise edition", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "unified attendant console department edition", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "unified attendant console business edition", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "unified attendant console advanced", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "unified attendant console", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "ucs standalone c-series rack server integrated management cont", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "-0" }, { "model": "ucs manager", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "ucs director", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "ucs central software", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "ucs b-series blade servers", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "ucs series and series fabric interconnects", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "620063000" }, { "model": "uc integration for microsoft lync", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "telepresence video communication server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "telepresence tx9000 series", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "telepresence system tx1310", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "telepresence system ex series", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "telepresence system", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "500-370" }, { "model": "telepresence system", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "500-320" }, { "model": "telepresence system series", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "30000" }, { "model": "telepresence system", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "30000" }, { "model": "telepresence system", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "13000" }, { "model": "telepresence system", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "11000" }, { "model": "telepresence system", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "10000" }, { "model": "telepresence system tx9000", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "telepresence system", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "500-37" }, { "model": "telepresence system", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "500-32" }, { "model": "telepresence system", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "1100" }, { "model": "telepresence sx series", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "telepresence supervisor mse", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "80500" }, { "model": "telepresence server on virtual machine", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "telepresence server on multiparty media", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "8200" }, { "model": "telepresence server on multiparty media and", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "3103200" }, { "model": "telepresence server and mse", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "701087100" }, { "model": "telepresence serial gateway series", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "telepresence profile series", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "telepresence mx series", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "telepresence mcu", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "telepresence isdn link", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "telepresence isdn gateway mse", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "83210" }, { "model": "telepresence isdn gateway", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "32410" }, { "model": "telepresence integrator c series", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "telepresence content server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "telepresence conductor", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "tapi service provider", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "tandberg codian mse", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "83200" }, { "model": "tandberg codian isdn gateway", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "stealthwatch management console", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "stealthwatch identity", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "stealthwatch flowcollector sflow", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "stealthwatch flowcollector netflow", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "spa525g 5-line ip phone", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "spa51x ip phones", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "spa232d multi-line dect analog telephone adapter", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "spa122 analog telephone adapter with router", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "spa112 2-port phone adapter", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "socialminer", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "smart net total care local collector appliance", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "-0" }, { "model": "smart care", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "small business spa500 series ip phones", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "small business spa300 series ip phones", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "small business series managed switches", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "3000" }, { "model": "small business series", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "3000" }, { "model": "show and share", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "services provisioning platform", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "security manager", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "secure access control system", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "registered envelope service", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "proactive network operations center", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "prime performance manager", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "prime optical for service providers", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "prime optical", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "prime network services controller", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "prime network", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "prime license manager", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "prime lan management solution", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "prime ip express", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "prime infrastructure plug and play standalone gateway", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "prime data center network manager", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "prime collaboration provisioning", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "prime collaboration deployment", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "prime collaboration assurance", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "prime access registrar", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "physical access gateways", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "partner support service", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "1.0" }, { "model": "packaged contact center enterprise", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "ons series multiservice provisioning platforms", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "154540" }, { "model": "onepk all-in-one vm", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "onepk all-in-one virtual machine", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "one portal", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "nexus series switches standalone nx-os mode", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "9000-0" }, { "model": "nexus series fabric switches aci mode", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "9000-0" }, { "model": "nexus series switches", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "70000" }, { "model": "nexus series switches", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "60000" }, { "model": "nexus series switches", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "50000" }, { "model": "nexus series blade switches", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "40000" }, { "model": "nexus series switches", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "30000" }, { "model": "nexus series switches", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "1000v0" }, { "model": "nexus intercloud for vmware", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "1000v0" }, { "model": "nexus intercloud", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "1000v0" }, { "model": "network performance analysis", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "network analysis module", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "netflow generation appliance", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "nac guest server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "nac appliance clean access server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "-0" }, { "model": "nac appliance clean access manager", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "-0" }, { "model": "mxe series media experience engines", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "35000" }, { "model": "multicast manager", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "mobility services engine", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "mediasense", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "media services interface", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "mds series multilayer switches", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "90000" }, { "model": "management appliance", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "lancope stealthwatch flowcollector sflow", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "lancope stealthwatch flowcollector netflow", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "jabber software development kit", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "jabber guest", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "jabber for windows", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "jabber for mac", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "jabber for iphone and ipad", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "jabber for android", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "jabber client framework components", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "jabber", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "ironport email security appliance", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "ip interoperability and collaboration system", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "ip series phones vpn feature", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "8800-0" }, { "model": "ip series phones", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "78000" }, { "model": "ios xr software", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "intrusion prevention system solutions", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "intracer", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "intelligent automation for cloud", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "identity services engine", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "hosted collaboration mediation fulfillment", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "firesight system software", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "expressway series", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "enterprise content delivery system", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "emergency responder", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "emergency responder", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "email security appliance", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "edge digital media player", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "3400" }, { "model": "edge digital media player", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "3000" }, { "model": "dx series ip phones", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "content security appliance update servers", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "connected grid routers", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "connected analytics for collaboration", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "configuration professional", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "computer telephony integration object server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "common services platform collector", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "cloupia unified infrastructure controller", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "cloud object storage", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "clean access manager", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "broadband access center telco and wireless", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "ata series analog terminal adaptors", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "1900" }, { "model": "ata analog telephone adaptor", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "1870" }, { "model": "asr series", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "50000" }, { "model": "asa next-generation firewall services", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "application policy infrastructure controller", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "application networking manager", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "application and content networking system", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "anyconnect secure mobility client for windows", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "anyconnect secure mobility client for mac os", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x0" }, { "model": "anyconnect secure mobility client for linux", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "anyconnect secure mobility client for ios", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "anyconnect secure mobility client for desktop platforms", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "anyconnect secure mobility client for android", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "anyconnect secure mobility client", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "aironet series access points", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "27000" }, { "model": "agent for openflow", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "agent desktop for cisco unified contact center express", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "agent desktop", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "adaptive security appliance", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "ace30 application control engine module", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "ace application control engine", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "47100" }, { "model": "industrial router", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "9100" }, { "model": "series stackable managed switches", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "5000" }, { "model": "series stackable", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "5000" }, { "model": "series digital media players", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "44000" }, { "model": "series digital media players", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "43000" }, { "model": "series smart plus switches", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "2200" }, { "model": "centos", "scope": "eq", "trust": 0.3, "vendor": "centos", "version": "7" }, { "model": "x-series xos", "scope": "eq", "trust": 0.3, "vendor": "bluecoat", "version": "9.7" }, { "model": "x-series xos", "scope": "eq", "trust": 0.3, "vendor": "bluecoat", "version": "11.0" }, { "model": "x-series xos", "scope": "eq", "trust": 0.3, "vendor": "bluecoat", "version": "10.0" }, { "model": "ssl visibility", "scope": "eq", "trust": 0.3, "vendor": "bluecoat", "version": "3.9" }, { "model": "ssl visibility 3.8.4fc", "scope": null, "trust": 0.3, "vendor": "bluecoat", "version": null }, { "model": "policycenter s-series", "scope": "eq", "trust": 0.3, "vendor": "bluecoat", "version": "1.1" }, { "model": "policycenter", "scope": "eq", "trust": 0.3, "vendor": "bluecoat", "version": "9.2" }, { "model": "packetshaper s-series", "scope": "eq", "trust": 0.3, "vendor": "bluecoat", "version": "11.6" }, { "model": "packetshaper s-series", "scope": "eq", "trust": 0.3, "vendor": "bluecoat", "version": "11.5" }, { "model": "packetshaper s-series", "scope": "eq", "trust": 0.3, "vendor": "bluecoat", "version": "11.4" }, { "model": "packetshaper s-series", "scope": "eq", "trust": 0.3, "vendor": "bluecoat", "version": "11.3" }, { "model": "packetshaper s-series", "scope": "eq", "trust": 0.3, "vendor": "bluecoat", "version": "11.2" }, { "model": "packetshaper", "scope": "eq", "trust": 0.3, "vendor": "bluecoat", "version": "9.2" }, { "model": "norman shark scada protection", "scope": "eq", "trust": 0.3, "vendor": "bluecoat", "version": "5.3" }, { "model": "norman shark network protection", "scope": "eq", "trust": 0.3, "vendor": "bluecoat", "version": "5.3" }, { "model": "norman shark industrial control system protection", "scope": "eq", "trust": 0.3, "vendor": "bluecoat", "version": "5.3" }, { "model": "management center", "scope": "eq", "trust": 0.3, "vendor": "bluecoat", "version": "1.7" }, { "model": "malware analysis appliance", "scope": "eq", "trust": 0.3, "vendor": "bluecoat", "version": "4.2" }, { "model": "vm virtualbox", "scope": "ne", "trust": 0.3, "vendor": "oracle", "version": "5.1.8" }, { "model": "vm virtualbox", "scope": "ne", "trust": 0.3, "vendor": "oracle", "version": "5.0.28" }, { "model": "oss support tools", "scope": "ne", "trust": 0.3, "vendor": "oracle", "version": "8.15.17.3.14" }, { "model": "email gateway", "scope": "ne", "trust": 0.3, "vendor": "mcafee", "version": "7.6.406-3402.103" }, { "model": "tivoli provisioning manager for os deployment build", "scope": "ne", "trust": 0.3, "vendor": "ibm", "version": "5.1.1051.08" }, { "model": "tivoli provisioning manager for os deployment build", "scope": "ne", "trust": 0.3, "vendor": "ibm", "version": "7.1.1.20290.1" }, { "model": "tivoli provisioning manager for images build", "scope": "ne", "trust": 0.3, "vendor": "ibm", "version": "7.1.1.20290.1" }, { "model": "sterling connect:express for unix ifix", "scope": "ne", "trust": 0.3, "vendor": "ibm", "version": "1.5.0.13150-13" }, { "model": "sonas", "scope": "ne", "trust": 0.3, "vendor": "ibm", "version": "1.5.2.5" }, { "model": "security network protection", "scope": "ne", "trust": 0.3, "vendor": "ibm", "version": "5.3.3.1" }, { "model": "security network protection", "scope": "ne", "trust": 0.3, "vendor": "ibm", "version": "5.3.2.5" }, { "model": "security network protection", "scope": "ne", "trust": 0.3, "vendor": "ibm", "version": "5.3.1.11" }, { "model": "sdk for node.js", "scope": "ne", "trust": 0.3, "vendor": "ibm", "version": "6.7.0.0" }, { "model": "sdk for node.js", "scope": "ne", "trust": 0.3, "vendor": "ibm", "version": "4.6.0.0" }, { "model": "sdk for node.js", "scope": "ne", "trust": 0.3, "vendor": "ibm", "version": "1.2.0.15" }, { "model": "sdk for node.js", "scope": "ne", "trust": 0.3, "vendor": "ibm", "version": "1.1.1.4" }, { "model": "powerkvm update", "scope": "ne", "trust": 0.3, "vendor": "ibm", "version": "3.1.0.23" }, { "model": "powerkvm update", "scope": "ne", "trust": 0.3, "vendor": "ibm", "version": "2.1.1.3-6513" }, { "model": "bigfix remote control", "scope": "ne", "trust": 0.3, "vendor": "ibm", "version": "9.1.3" }, { "model": "wireless lan controller", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "8.4" }, { "model": "webex meetings server", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "2.6.1.30" }, { "model": "webex meetings for windows phone", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "82.8" }, { "model": "webex meetings client on-premises t32", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "webex meetings client hosted t32", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "webex centers t32", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "virtualization experience media edition", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "11.8" }, { "model": "virtual security gateway", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "2.1.6" }, { "model": "videoscape anyres live", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "9.7.2" }, { "model": "video surveillance ptz ip cameras", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "2.9" }, { "model": "video surveillance series ip cameras", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "70002.9" }, { "model": "video surveillance series ip cameras", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "60002.9" }, { "model": "video surveillance 4300e and 4500e high-definition ip cameras", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "2.9" }, { "model": "video surveillance series high-definition ip cameras", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "40002.9" }, { "model": "video surveillance series ip cameras", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "30002.9" }, { "model": "video distribution suite for internet streaming", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "4.003(002)" }, { "model": "universal small cell iuh", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "3.17.3" }, { "model": "universal small cell cloudbase factory recovery root filesystem", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "3.17.3" }, { "model": "universal small cell series", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "70003.5.12.23" }, { "model": "universal small cell series", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "50003.5.12.23" }, { "model": "unity express", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "10" }, { "model": "unified workforce optimization quality management solution 11.5 su1", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "unified sip proxy software", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "10" }, { "model": "unified meetingplace 8.6mr1", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "unified ip conference phone for third-party call control 9.3 sr3", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "8831" }, { "model": "unified ip conference phone 10.3.1sr4", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "8831" }, { "model": "unified ip phone 9.3 sr3", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "6901" }, { "model": "unified intelligent contact management enterprise", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "11.6.1" }, { "model": "unified intelligence center", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "11.6(1)" }, { "model": "unified contact center express", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "11.6" }, { "model": "unified contact center enterprise", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "11.6.1" }, { "model": "ucs standalone c-series rack server integrated management cont", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "-3.0" }, { "model": "ucs b-series blade servers", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "3.1.3" }, { "model": "uc integration for microsoft lync", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "11.6.3" }, { "model": "telepresence video communication server", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "x8.8.3" }, { "model": "telepresence tx9000 series", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "6.1" }, { "model": "telepresence system tx1310", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "6.1" }, { "model": "telepresence system ex series tc7.3.7", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "telepresence system ex series ce8.2.2", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "telepresence system", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "500-376.1" }, { "model": "telepresence system", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "500-326.1" }, { "model": "telepresence system series", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "30006.1" }, { "model": "telepresence system", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "13006.1" }, { "model": "telepresence system", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "11006.1" }, { "model": "telepresence system", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "10006.1" }, { "model": "telepresence sx series tc7.3.7", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "telepresence sx series ce8.2.2", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "telepresence server on multiparty media", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "8204.4" }, { "model": "telepresence server on multiparty media and", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "3103204.4" }, { "model": "telepresence server and mse", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "701087104.4" }, { "model": "telepresence profile series tc7.3.7", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "telepresence profile series ce8.2.2", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "telepresence mx series tc7.3.7", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "telepresence mx series ce8.2.2", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "telepresence mcu", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "4.5(1.89)" }, { "model": "telepresence integrator c series tc7.3.7", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "telepresence integrator c series ce8.2.2", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "spa232d multi-line dect analog telephone adapter", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "1.4.2" }, { "model": "spa122 analog telephone adapter with router", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "1.4.2" }, { "model": "spa112 2-port phone adapter", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "1.4.2" }, { "model": "services provisioning platform sfp1.1", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "security manager", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "4.13" }, { "model": "secure access control system", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "5.8.0.32.8" }, { "model": "secure access control system", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "5.8.0.32.7" }, { "model": "prime performance manager sp1611", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "1.7" }, { "model": "prime network services controller 1.01u", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "prime network registrar", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "8.3.5" }, { "model": "prime network registrar", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "9.0" }, { "model": "prime network", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "431" }, { "model": "prime infrastructure", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "3.2" }, { "model": "prime collaboration provisioning", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "11.6" }, { "model": "prime collaboration assurance", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "11.6" }, { "model": "ons series multiservice provisioning platforms", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "1545410.7" }, { "model": "nexus series switches standalone nx-os mode 7.0 i5", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "9000-" }, { "model": "nexus series fabric switches aci mode", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "9000-0" }, { "model": "nexus series switches", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "70006.2.19" }, { "model": "nexus series switches 5.2.8", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "7000" }, { "model": "nexus series switches", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "60006.2.19" }, { "model": "nexus series switches 5.2.8", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "6000" }, { "model": "nexus series switches", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "50006.2.19" }, { "model": "nexus series switches 5.2.8", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "5000" }, { "model": "nexus series blade switches 4.1 e1", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "4000" }, { "model": "nexus series switches 5.2 sv3", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "1000v" }, { "model": "network analysis module", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "6.2(2)" }, { "model": "network analysis module 6.2", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "netflow generation appliance", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "1.1(1)" }, { "model": "mds series multilayer switches", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "90006.2.19" }, { "model": "mds series multilayer switches 5.2.8", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "9000" }, { "model": "jabber software development kit", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "11.8" }, { "model": "jabber guest", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "11" }, { "model": "jabber for windows", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "11.8" }, { "model": "jabber for mac", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "11.8" }, { "model": "jabber for iphone and ipad", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "11.8" }, { "model": "jabber for android", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "11.8" }, { "model": "jabber client framework components", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "11.8" }, { "model": "ip interoperability and collaboration system", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "5.0(1)" }, { "model": "ios and cisco ios xe software", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "16.4" }, { "model": "ios and cisco ios xe software", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "16.3" }, { "model": "ios and cisco ios xe software", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "16.2" }, { "model": "ios and cisco ios xe software", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "16.1" }, { "model": "ios and cisco ios xe software", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "15.5(3)" }, { "model": "firesight system software", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "6.1.0.1" }, { "model": "firesight system software", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "6.0.1.3" }, { "model": "firesight system software", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "5.4.1.9" }, { "model": "firesight system software", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "5.4.0.10" }, { "model": "expressway series", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "x8.8.3" }, { "model": "enterprise content delivery system", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "2.6.9" }, { "model": "email security appliance", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "10.0.1" }, { "model": "edge digital media player 1.2rb1.0.3", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "340" }, { "model": "edge digital media player 1.6rb5", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "300" }, { "model": "digital media manager 5.4.1 rb4", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "digital media manager 5.3.6 rb3", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "dcm series d9900 digital content manager", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "content security management appliance", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "6.1.140" }, { "model": "connected grid routers", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "15.8.9" }, { "model": "connected grid routers", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "7.3" }, { "model": "computer telephony integration object server", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "11.6.1" }, { "model": "common services platform collector", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "1.11" }, { "model": "ata series analog terminal adaptors", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "1901.3" }, { "model": "asr series", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "500021.2" }, { "model": "asa next-generation firewall services", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "2.1.2" }, { "model": "application policy infrastructure controller", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "2.2(1)" }, { "model": "anyconnect secure mobility client for windows", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "4.0.7" }, { "model": "anyconnect secure mobility client for mac os", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "x4.0.7" }, { "model": "anyconnect secure mobility client for linux", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "4.0.7" }, { "model": "anyconnect secure mobility client for ios", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "4.0.7" }, { "model": "anyconnect secure mobility client for desktop platforms", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "4.3.4" }, { "model": "anyconnect secure mobility client for desktop platforms", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "4.4" }, { "model": "anyconnect secure mobility client for android", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "4.0.7" }, { "model": "aironet series access points", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "270016.4" }, { "model": "aironet series access points", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "270016.3" }, { "model": "aironet series access points", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "270016.2" }, { "model": "aironet series access points", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "270016.1" }, { "model": "aironet series access points", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "270015.5(3)" }, { "model": "industrial router 1.2.1rb4", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "910" }, { "model": "series digital media players 5.4.1 rb4", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "4400" }, { "model": "series digital media players 5.3.6 rb3", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "4400" }, { "model": "series digital media players 5.4.1 rb4", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "4300" }, { "model": "series digital media players 5.3.6 rb3", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "4300" } ], "sources": [ { "db": "BID", "id": "91081" }, { "db": "JVNDB", "id": "JVNDB-2016-003305" }, { "db": "CNNVD", "id": "CNNVD-201606-265" }, { "db": "NVD", "id": "CVE-2016-2178" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "cpe_match": [ { "cpe22Uri": "cpe:/a:openssl:openssl", "vulnerable": true }, { "cpe22Uri": "cpe:/o:suse:linux_enterprise_module_for_web_scripting", "vulnerable": true }, { "cpe22Uri": "cpe:/o:oracle:linux", "vulnerable": true }, { "cpe22Uri": "cpe:/o:oracle:solaris", "vulnerable": true }, { "cpe22Uri": "cpe:/a:nec:capssuite", "vulnerable": true }, { "cpe22Uri": "cpe:/a:nec:enterpriseidentitymanager", "vulnerable": true }, { "cpe22Uri": "cpe:/a:nec:esmpro_serveragent", "vulnerable": true }, { "cpe22Uri": "cpe:/a:nec:esmpro_serveragentservice", "vulnerable": true }, { "cpe22Uri": "cpe:/h:nec:express5800", "vulnerable": true }, { "cpe22Uri": "cpe:/h:nec:ix1000", "vulnerable": true }, { "cpe22Uri": "cpe:/h:nec:ix2000", "vulnerable": true }, { "cpe22Uri": "cpe:/h:nec:ix3000", "vulnerable": true }, { "cpe22Uri": "cpe:/a:nec:secureware_pki_application_development_kit", "vulnerable": true }, { "cpe22Uri": "cpe:/a:nec:webotx_application_server", "vulnerable": true }, { "cpe22Uri": "cpe:/a:nec:webotx_enterprise_service_bus", "vulnerable": true }, { "cpe22Uri": "cpe:/a:nec:webotx_portal", "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2016-003305" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Guido Vranken,The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory.", "sources": [ { "db": "CNNVD", "id": "CNNVD-201606-265" } ], "trust": 0.6 }, "cve": "CVE-2016-2178", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "author": "nvd@nist.gov", "availabilityImpact": "NONE", "baseScore": 2.1, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 3.9, "id": "CVE-2016-2178", "impactScore": 2.9, "integrityImpact": "NONE", "severity": "LOW", "trust": 1.9, "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0" } ], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "LOCAL", "author": "nvd@nist.gov", "availabilityImpact": "NONE", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "exploitabilityScore": 1.8, "id": "CVE-2016-2178", "impactScore": 3.6, "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "trust": 1.0, "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, { "attackComplexity": "Low", "attackVector": "Local", "author": "NVD", "availabilityImpact": "None", "baseScore": 5.5, "baseSeverity": "Medium", "confidentialityImpact": "High", "exploitabilityScore": null, "id": "CVE-2016-2178", "impactScore": null, "integrityImpact": "None", "privilegesRequired": "Low", "scope": "Unchanged", "trust": 0.8, "userInteraction": "None", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.0" } ], "severity": [ { "author": "nvd@nist.gov", "id": "CVE-2016-2178", "trust": 1.0, "value": "MEDIUM" }, { "author": "NVD", "id": "CVE-2016-2178", "trust": 0.8, "value": "Medium" }, { "author": "CNNVD", "id": "CNNVD-201606-265", "trust": 0.6, "value": "MEDIUM" }, { "author": "VULMON", "id": "CVE-2016-2178", "trust": 0.1, "value": "LOW" } ] } ], "sources": [ { "db": "VULMON", "id": "CVE-2016-2178" }, { "db": "JVNDB", "id": "JVNDB-2016-003305" }, { "db": "CNNVD", "id": "CNNVD-201606-265" }, { "db": "NVD", "id": "CVE-2016-2178" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "The dsa_sign_setup function in crypto/dsa/dsa_ossl.c in OpenSSL through 1.0.2h does not properly ensure the use of constant-time operations, which makes it easier for local users to discover a DSA private key via a timing side-channel attack. OpenSSL is prone to a local information-disclosure vulnerability. \nLocal attackers can exploit this issue to obtain sensitive information. This may aid in further attacks. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Important: openssl security update\nAdvisory ID: RHSA-2016:1940-01\nProduct: Red Hat Enterprise Linux\nAdvisory URL: https://rhn.redhat.com/errata/RHSA-2016-1940.html\nIssue date: 2016-09-27\nCVE Names: CVE-2016-2177 CVE-2016-2178 CVE-2016-2179 \n CVE-2016-2180 CVE-2016-2181 CVE-2016-2182 \n CVE-2016-6302 CVE-2016-6304 CVE-2016-6306 \n=====================================================================\n\n1. Summary:\n\nAn update for openssl is now available for Red Hat Enterprise Linux 6 and\nRed Hat Enterprise Linux 7. \n\nRed Hat Product Security has rated this update as having a security impact\nof Important. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available for each vulnerability\nfrom the CVE link(s) in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Client (v. 7) - x86_64\nRed Hat Enterprise Linux Client Optional (v. 7) - x86_64\nRed Hat Enterprise Linux ComputeNode (v. 7) - x86_64\nRed Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64\nRed Hat Enterprise Linux Desktop (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64\nRed Hat Enterprise Linux HPC Node (v. 6) - x86_64\nRed Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64\nRed Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64\nRed Hat Enterprise Linux Server (v. 7) - ppc64, ppc64le, s390x, x86_64\nRed Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64\nRed Hat Enterprise Linux Server Optional (v. 7) - ppc64, ppc64le, s390x, x86_64\nRed Hat Enterprise Linux Workstation (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Workstation (v. 7) - x86_64\nRed Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Workstation Optional (v. 7) - x86_64\n\n3. Description:\n\nOpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and\nTransport Layer Security (TLS) protocols, as well as a full-strength\ngeneral-purpose cryptography library. \n\nSecurity Fix(es):\n\n* A memory leak flaw was found in the way OpenSSL handled TLS status\nrequest extension data during session renegotiation. A remote attacker\ncould cause a TLS server using OpenSSL to consume an excessive amount of\nmemory and, possibly, exit unexpectedly after exhausting all available\nmemory, if it enabled OCSP stapling support. (CVE-2016-6304)\n\n* It was discovered that OpenSSL did not always use constant time\noperations when computing Digital Signature Algorithm (DSA) signatures. \n(CVE-2016-2178)\n\n* It was discovered that the Datagram TLS (DTLS) implementation could fail\nto release memory in certain cases. A malicious DTLS client could cause a\nDTLS server using OpenSSL to consume an excessive amount of memory and,\npossibly, exit unexpectedly after exhausting all available memory. \n(CVE-2016-2179)\n\n* A flaw was found in the Datagram TLS (DTLS) replay protection\nimplementation in OpenSSL. A remote attacker could possibly use this flaw\nto make a DTLS server using OpenSSL to reject further packets sent from a\nDTLS client over an established DTLS connection. (CVE-2016-2181)\n\n* An out of bounds write flaw was discovered in the OpenSSL BN_bn2dec()\nfunction. An attacker able to make an application using OpenSSL to process\na large BIGNUM could cause the application to crash or, possibly, execute\narbitrary code. (CVE-2016-2182)\n\n* A flaw was found in the DES/3DES cipher was used as part of the TLS/SSL\nprotocol. A man-in-the-middle attacker could use this flaw to recover some\nplaintext data by capturing large amounts of encrypted traffic between\nTLS/SSL server and client if the communication used a DES/3DES based\nciphersuite. (CVE-2016-2183)\n\nThis update mitigates the CVE-2016-2183 issue by lowering priority of DES\ncipher suites so they are not preferred over cipher suites using AES. For\ncompatibility reasons, DES cipher suites remain enabled by default and\nincluded in the set of cipher suites identified by the HIGH cipher string. \nFuture updates may move them to MEDIUM or not enable them by default. \n\n* An integer underflow flaw leading to a buffer over-read was found in the\nway OpenSSL parsed TLS session tickets. A remote attacker could use this\nflaw to crash a TLS server using OpenSSL if it used SHA-512 as HMAC for\nsession tickets. (CVE-2016-6302)\n\n* Multiple integer overflow flaws were found in the way OpenSSL performed\npointer arithmetic. A remote attacker could possibly use these flaws to\ncause a TLS/SSL server or client using OpenSSL to crash. (CVE-2016-2177)\n\n* An out of bounds read flaw was found in the way OpenSSL formatted Public\nKey Infrastructure Time-Stamp Protocol data for printing. An attacker could\npossibly cause an application using OpenSSL to crash if it printed time\nstamp data from the attacker. (CVE-2016-2180)\n\n* Multiple out of bounds read flaws were found in the way OpenSSL handled\ncertain TLS/SSL protocol handshake messages. A remote attacker could\npossibly use these flaws to crash a TLS/SSL server or client using OpenSSL. \n(CVE-2016-6306)\n\nRed Hat would like to thank the OpenSSL project for reporting CVE-2016-6304\nand CVE-2016-6306 and OpenVPN for reporting CVE-2016-2183. Upstream\nacknowledges Shi Lei (Gear Team of Qihoo 360 Inc.) as the original reporter\nof CVE-2016-6304 and CVE-2016-6306; and Karthikeyan Bhargavan (Inria) and\nGaA\u003c\u003ctan Leurent (Inria) as the original reporters of CVE-2016-2183. \n\n4. Solution:\n\nFor details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor the update to take effect, all services linked to the OpenSSL library\nmust be restarted, or the system rebooted. \n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1341705 - CVE-2016-2177 openssl: Possible integer overflow vulnerabilities in codebase\n1343400 - CVE-2016-2178 openssl: Non-constant time codepath followed for certain operations in DSA implementation\n1359615 - CVE-2016-2180 OpenSSL: OOB read in TS_OBJ_print_bio()\n1367340 - CVE-2016-2182 openssl: Out-of-bounds write caused by unchecked errors in BN_bn2dec()\n1369113 - CVE-2016-2181 openssl: DTLS replay protection bypass allows DoS against DTLS connection\n1369383 - CVE-2016-2183 SSL/TLS: Birthday attack against 64-bit block ciphers (SWEET32)\n1369504 - CVE-2016-2179 openssl: DTLS memory exhaustion DoS when messages are not removed from fragment buffer\n1369855 - CVE-2016-6302 openssl: Insufficient TLS session ticket HMAC length checks\n1377594 - CVE-2016-6306 openssl: certificate message OOB reads\n1377600 - CVE-2016-6304 openssl: OCSP Status Request extension unbounded memory growth\n\n6. Package List:\n\nRed Hat Enterprise Linux Desktop (v. 6):\n\nSource:\nopenssl-1.0.1e-48.el6_8.3.src.rpm\n\ni386:\nopenssl-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm\n\nx86_64:\nopenssl-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-1.0.1e-48.el6_8.3.x86_64.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.3.x86_64.rpm\n\nRed Hat Enterprise Linux Desktop Optional (v. 6):\n\ni386:\nopenssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-devel-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-perl-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-static-1.0.1e-48.el6_8.3.i686.rpm\n\nx86_64:\nopenssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.3.x86_64.rpm\nopenssl-devel-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-devel-1.0.1e-48.el6_8.3.x86_64.rpm\nopenssl-perl-1.0.1e-48.el6_8.3.x86_64.rpm\nopenssl-static-1.0.1e-48.el6_8.3.x86_64.rpm\n\nRed Hat Enterprise Linux HPC Node (v. 6):\n\nSource:\nopenssl-1.0.1e-48.el6_8.3.src.rpm\n\nx86_64:\nopenssl-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-1.0.1e-48.el6_8.3.x86_64.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.3.x86_64.rpm\n\nRed Hat Enterprise Linux HPC Node Optional (v. 6):\n\nx86_64:\nopenssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.3.x86_64.rpm\nopenssl-devel-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-devel-1.0.1e-48.el6_8.3.x86_64.rpm\nopenssl-perl-1.0.1e-48.el6_8.3.x86_64.rpm\nopenssl-static-1.0.1e-48.el6_8.3.x86_64.rpm\n\nRed Hat Enterprise Linux Server (v. 6):\n\nSource:\nopenssl-1.0.1e-48.el6_8.3.src.rpm\n\ni386:\nopenssl-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-devel-1.0.1e-48.el6_8.3.i686.rpm\n\nppc64:\nopenssl-1.0.1e-48.el6_8.3.ppc.rpm\nopenssl-1.0.1e-48.el6_8.3.ppc64.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.3.ppc.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.3.ppc64.rpm\nopenssl-devel-1.0.1e-48.el6_8.3.ppc.rpm\nopenssl-devel-1.0.1e-48.el6_8.3.ppc64.rpm\n\ns390x:\nopenssl-1.0.1e-48.el6_8.3.s390.rpm\nopenssl-1.0.1e-48.el6_8.3.s390x.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.3.s390.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.3.s390x.rpm\nopenssl-devel-1.0.1e-48.el6_8.3.s390.rpm\nopenssl-devel-1.0.1e-48.el6_8.3.s390x.rpm\n\nx86_64:\nopenssl-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-1.0.1e-48.el6_8.3.x86_64.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.3.x86_64.rpm\nopenssl-devel-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-devel-1.0.1e-48.el6_8.3.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional (v. 6):\n\ni386:\nopenssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-perl-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-static-1.0.1e-48.el6_8.3.i686.rpm\n\nppc64:\nopenssl-debuginfo-1.0.1e-48.el6_8.3.ppc64.rpm\nopenssl-perl-1.0.1e-48.el6_8.3.ppc64.rpm\nopenssl-static-1.0.1e-48.el6_8.3.ppc64.rpm\n\ns390x:\nopenssl-debuginfo-1.0.1e-48.el6_8.3.s390x.rpm\nopenssl-perl-1.0.1e-48.el6_8.3.s390x.rpm\nopenssl-static-1.0.1e-48.el6_8.3.s390x.rpm\n\nx86_64:\nopenssl-debuginfo-1.0.1e-48.el6_8.3.x86_64.rpm\nopenssl-perl-1.0.1e-48.el6_8.3.x86_64.rpm\nopenssl-static-1.0.1e-48.el6_8.3.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation (v. 6):\n\nSource:\nopenssl-1.0.1e-48.el6_8.3.src.rpm\n\ni386:\nopenssl-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-devel-1.0.1e-48.el6_8.3.i686.rpm\n\nx86_64:\nopenssl-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-1.0.1e-48.el6_8.3.x86_64.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.3.x86_64.rpm\nopenssl-devel-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-devel-1.0.1e-48.el6_8.3.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation Optional (v. 6):\n\ni386:\nopenssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-perl-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-static-1.0.1e-48.el6_8.3.i686.rpm\n\nx86_64:\nopenssl-debuginfo-1.0.1e-48.el6_8.3.x86_64.rpm\nopenssl-perl-1.0.1e-48.el6_8.3.x86_64.rpm\nopenssl-static-1.0.1e-48.el6_8.3.x86_64.rpm\n\nRed Hat Enterprise Linux Client (v. 7):\n\nSource:\nopenssl-1.0.1e-51.el7_2.7.src.rpm\n\nx86_64:\nopenssl-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-libs-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-libs-1.0.1e-51.el7_2.7.x86_64.rpm\n\nRed Hat Enterprise Linux Client Optional (v. 7):\n\nx86_64:\nopenssl-debuginfo-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-devel-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-devel-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-perl-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-static-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-static-1.0.1e-51.el7_2.7.x86_64.rpm\n\nRed Hat Enterprise Linux ComputeNode (v. 7):\n\nSource:\nopenssl-1.0.1e-51.el7_2.7.src.rpm\n\nx86_64:\nopenssl-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-libs-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-libs-1.0.1e-51.el7_2.7.x86_64.rpm\n\nRed Hat Enterprise Linux ComputeNode Optional (v. 7):\n\nx86_64:\nopenssl-debuginfo-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-devel-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-devel-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-perl-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-static-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-static-1.0.1e-51.el7_2.7.x86_64.rpm\n\nRed Hat Enterprise Linux Server (v. 7):\n\nSource:\nopenssl-1.0.1e-51.el7_2.7.src.rpm\n\nppc64:\nopenssl-1.0.1e-51.el7_2.7.ppc64.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.ppc.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.ppc64.rpm\nopenssl-devel-1.0.1e-51.el7_2.7.ppc.rpm\nopenssl-devel-1.0.1e-51.el7_2.7.ppc64.rpm\nopenssl-libs-1.0.1e-51.el7_2.7.ppc.rpm\nopenssl-libs-1.0.1e-51.el7_2.7.ppc64.rpm\n\nppc64le:\nopenssl-1.0.1e-51.el7_2.7.ppc64le.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.ppc64le.rpm\nopenssl-devel-1.0.1e-51.el7_2.7.ppc64le.rpm\nopenssl-libs-1.0.1e-51.el7_2.7.ppc64le.rpm\n\ns390x:\nopenssl-1.0.1e-51.el7_2.7.s390x.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.s390.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.s390x.rpm\nopenssl-devel-1.0.1e-51.el7_2.7.s390.rpm\nopenssl-devel-1.0.1e-51.el7_2.7.s390x.rpm\nopenssl-libs-1.0.1e-51.el7_2.7.s390.rpm\nopenssl-libs-1.0.1e-51.el7_2.7.s390x.rpm\n\nx86_64:\nopenssl-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-devel-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-devel-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-libs-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-libs-1.0.1e-51.el7_2.7.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional (v. 7):\n\nppc64:\nopenssl-debuginfo-1.0.1e-51.el7_2.7.ppc.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.ppc64.rpm\nopenssl-perl-1.0.1e-51.el7_2.7.ppc64.rpm\nopenssl-static-1.0.1e-51.el7_2.7.ppc.rpm\nopenssl-static-1.0.1e-51.el7_2.7.ppc64.rpm\n\nppc64le:\nopenssl-debuginfo-1.0.1e-51.el7_2.7.ppc64le.rpm\nopenssl-perl-1.0.1e-51.el7_2.7.ppc64le.rpm\nopenssl-static-1.0.1e-51.el7_2.7.ppc64le.rpm\n\ns390x:\nopenssl-debuginfo-1.0.1e-51.el7_2.7.s390.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.s390x.rpm\nopenssl-perl-1.0.1e-51.el7_2.7.s390x.rpm\nopenssl-static-1.0.1e-51.el7_2.7.s390.rpm\nopenssl-static-1.0.1e-51.el7_2.7.s390x.rpm\n\nx86_64:\nopenssl-debuginfo-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-perl-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-static-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-static-1.0.1e-51.el7_2.7.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation (v. 7):\n\nSource:\nopenssl-1.0.1e-51.el7_2.7.src.rpm\n\nx86_64:\nopenssl-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-devel-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-devel-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-libs-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-libs-1.0.1e-51.el7_2.7.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation Optional (v. 7):\n\nx86_64:\nopenssl-debuginfo-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-perl-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-static-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-static-1.0.1e-51.el7_2.7.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2016-2177\nhttps://access.redhat.com/security/cve/CVE-2016-2178\nhttps://access.redhat.com/security/cve/CVE-2016-2179\nhttps://access.redhat.com/security/cve/CVE-2016-2180\nhttps://access.redhat.com/security/cve/CVE-2016-2181\nhttps://access.redhat.com/security/cve/CVE-2016-2182\nhttps://access.redhat.com/security/cve/CVE-2016-6302\nhttps://access.redhat.com/security/cve/CVE-2016-6304\nhttps://access.redhat.com/security/cve/CVE-2016-6306\nhttps://access.redhat.com/security/updates/classification/#important\nhttps://www.openssl.org/news/secadv/20160922.txt\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2016 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niD8DBQFX6nnFXlSAg2UNWIIRAqklAJ9uGMit/wxZ0CfuGjR7Vi2+AjmGMwCfTpEI\nxpTW7ApBLmKhVjs49DGYouI=\n=4VgY\n-----END PGP SIGNATURE-----\n\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n. Summary:\n\nAn update is now available for JBoss Core Services on RHEL 7. Description:\n\nThis release adds the new Apache HTTP Server 2.4.23 packages that are part\nof the JBoss Core Services offering. \n\nThis release serves as a replacement for Red Hat JBoss Core Services Pack\nApache Server 2.4.6 and includes bug fixes and enhancements. Refer to the\nRelease Notes for information on the most significant bug fixes and\nenhancements included in this release. \n(CVE-2016-2108)\n\n* It was found that the length checks prior to writing to the target buffer\nfor creating a virtual host mapping rule did not take account of the length\nof the virtual host name, creating the potential for a buffer overflow. (CVE-2016-2177)\n\n* It was discovered that specifying configuration with a JVMRoute path\nlonger than 80 characters will cause segmentation fault leading to a server\ncrash. (CVE-2016-4459)\n\n* An error was found in protocol parsing logic of mod_cluster load balancer\nApache HTTP Server modules. After installing the updated\npackages, the httpd daemon will be restarted automatically. Additional information can be found at\n https://www.openssl.org/blog/blog/2016/06/27/undefined-pointer-arithmetic/ \n\nCVE-2016-2178\n\n Cesar Pereida, Billy Brumley and Yuval Yarom discovered a timing\n leak in the DSA code. \n\nCVE-2016-2179 / CVE-2016-2181\n\n Quan Luo and the OCAP audit team discovered denial of service\n vulnerabilities in DTLS. \n\nFor the stable distribution (jessie), these problems have been fixed in\nversion 1.0.1t-1+deb8u4. \n\nFor the unstable distribution (sid), these problems will be fixed soon. \n\nWe recommend that you upgrade your openssl packages. Of these 14 vulnerabilities, the OpenSSL Software Foundation classifies one as aCritical Severity,a one as aModerate Severity,a and the other 12 as aLow Severity.a\n\nSubsequently, on September 26, the OpenSSL Software Foundation released an additional advisory that describes two new vulnerabilities. One of the new vulnerabilities was rated as aHigh Severitya and the other as aModerate Severity.a\n\nOf the 16 released vulnerabilities:\n Fourteen track issues that could result in a denial of service (DoS) condition\n One (CVE-2016-2183, aka SWEET32) tracks an implementation of a Birthday attack against Transport Layer Security (TLS) block ciphers that use a 64-bit block size that could result in loss of confidentiality\n One (CVE-2016-2178) is a timing side-channel attack that, in specific circumstances, could allow an attacker to derive the private DSA key that belongs to another user or service running on the same system\n\nFive of the 16 vulnerabilities affect exclusively the recently released OpenSSL versions that belong to the 1.1.0 code train, which has not yet been integrated into any Cisco product. \n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 201612-16\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n https://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: Normal\n Title: OpenSSL: Multiple vulnerabilities\n Date: December 07, 2016\n Bugs: #581234, #585142, #585276, #591454, #592068, #592074,\n #592082, #594500, #595186\n ID: 201612-16\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities have been found in OpenSSL, the worst of which\nallows attackers to conduct a time based side-channel attack. \n\nAffected packages\n=================\n\n -------------------------------------------------------------------\n Package / Vulnerable / Unaffected\n -------------------------------------------------------------------\n 1 dev-libs/openssl \u003c 1.0.2j \u003e= 1.0.2j\n\nDescription\n===========\n\nMultiple vulnerabilities have been discovered in OpenSSL. Please review\nthe CVE identifiers and the International Association for Cryptologic\nResearch\u0027s (IACR) paper, \"Make Sure DSA Signing Exponentiations Really\nare Constant-Time\" for further details. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll OpenSSL users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=dev-libs/openssl-1.0.2j\"\n\nReferences\n==========\n\n[ 1 ] CVE-2016-2105\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2105\n[ 2 ] CVE-2016-2106\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2106\n[ 3 ] CVE-2016-2107\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2107\n[ 4 ] CVE-2016-2108\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2108\n[ 5 ] CVE-2016-2109\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2109\n[ 6 ] CVE-2016-2176\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2176\n[ 7 ] CVE-2016-2177\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2177\n[ 8 ] CVE-2016-2178\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2178\n[ 9 ] CVE-2016-2180\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2180\n[ 10 ] CVE-2016-2183\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2183\n[ 11 ] CVE-2016-6304\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-6304\n[ 12 ] CVE-2016-6305\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-6305\n[ 13 ] CVE-2016-6306\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-6306\n[ 14 ] CVE-2016-7052\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7052\n[ 15 ] Make Sure DSA Signing Exponentiations Really are Constant-Time\n http://eprint.iacr.org/2016/594.pdf\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n https://security.gentoo.org/glsa/201612-16\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2016 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n\n\n. Description:\n\nRed Hat JBoss Enterprise Application Platform is a platform for Java\napplications based on the JBoss Application Server. For\nfurther information, see the knowledge base article linked to in the\nReferences section. The JBoss server process must be restarted for the update\nto take effect. ==========================================================================\nUbuntu Security Notice USN-3087-2\nSeptember 23, 2016\n\nopenssl regression\n==========================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 16.04 LTS\n- Ubuntu 14.04 LTS\n- Ubuntu 12.04 LTS\n\nSummary:\n\nUSN-3087-1 introduced a regression in OpenSSL. The fix for CVE-2016-2182 was\nincomplete and caused a regression when parsing certificates. This update\nfixes the problem. \n\nWe apologize for the inconvenience. This\n issue has only been addressed in Ubuntu 16.04 LTS in this update. (CVE-2016-2178)\n Quan Luo discovered that OpenSSL did not properly restrict the lifetime\n of queue entries in the DTLS implementation. (CVE-2016-2181)\n Shi Lei discovered that OpenSSL incorrectly validated division results. \n (CVE-2016-2182)\n Karthik Bhargavan and Gaetan Leurent discovered that the DES and Triple DES\n ciphers were vulnerable to birthday attacks. \n (CVE-2016-2183)\n Shi Lei discovered that OpenSSL incorrectly handled certain ticket lengths. (CVE-2016-6303)\n Shi Lei discovered that OpenSSL incorrectly performed certain message\n length checks. (CVE-2016-6306)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 16.04 LTS:\n libssl1.0.0 1.0.2g-1ubuntu4.5\n\nUbuntu 14.04 LTS:\n libssl1.0.0 1.0.1f-1ubuntu2.21\n\nUbuntu 12.04 LTS:\n libssl1.0.0 1.0.1-4ubuntu5.38\n\nAfter a standard system update you need to reboot your computer to make\nall the necessary changes. (CVE-2016-6808)\n\n* A memory leak flaw was fixed in expat. Solution:\n\nThe References section of this erratum contains a download link (you must\nlog in to download the update). JIRA issues fixed (https://issues.jboss.org/):\n\nJBCS-50 - CVE-2012-1148 CVE-2012-0876 expat: various flaws [jbews-3.0.0]\nJBCS-95 - CVE-2014-3523 httpd: WinNT MPM denial of service\n\n6", "sources": [ { "db": "NVD", "id": "CVE-2016-2178" }, { "db": "JVNDB", "id": "JVNDB-2016-003305" }, { "db": "BID", "id": "91081" }, { "db": "VULMON", "id": "CVE-2016-2178" }, { "db": "PACKETSTORM", "id": "138870" }, { "db": "PACKETSTORM", "id": "140717" }, { "db": "PACKETSTORM", "id": "143176" }, { "db": "PACKETSTORM", "id": "138817" }, { "db": "PACKETSTORM", "id": "138889" }, { "db": "PACKETSTORM", "id": "140056" }, { "db": "PACKETSTORM", "id": "138820" }, { "db": "PACKETSTORM", "id": "143181" }, { "db": "PACKETSTORM", "id": "138826" }, { "db": "PACKETSTORM", "id": "140182" } ], "trust": 2.88 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2016-2178", "trust": 3.8 }, { "db": "BID", "id": "91081", "trust": 2.0 }, { "db": "MCAFEE", "id": "SB10215", "trust": 1.7 }, { "db": "OPENWALL", "id": "OSS-SECURITY/2016/06/08/6", "trust": 1.7 }, { "db": "OPENWALL", "id": "OSS-SECURITY/2016/06/08/7", "trust": 1.7 }, { "db": "OPENWALL", "id": "OSS-SECURITY/2016/06/08/5", "trust": 1.7 }, { "db": "OPENWALL", "id": "OSS-SECURITY/2016/06/09/8", "trust": 1.7 }, { "db": "OPENWALL", "id": "OSS-SECURITY/2016/06/08/2", "trust": 1.7 }, { "db": "OPENWALL", "id": "OSS-SECURITY/2016/06/08/12", "trust": 1.7 }, { "db": "OPENWALL", "id": "OSS-SECURITY/2016/06/08/8", "trust": 1.7 }, { "db": "OPENWALL", "id": "OSS-SECURITY/2016/06/08/11", "trust": 1.7 }, { "db": "OPENWALL", "id": "OSS-SECURITY/2016/06/09/2", "trust": 1.7 }, { "db": "OPENWALL", "id": "OSS-SECURITY/2016/06/08/10", "trust": 1.7 }, { "db": "OPENWALL", "id": "OSS-SECURITY/2016/06/08/4", "trust": 1.7 }, { "db": "TENABLE", "id": "TNS-2016-16", "trust": 1.7 }, { "db": "TENABLE", "id": "TNS-2016-21", "trust": 1.7 }, { "db": "TENABLE", "id": "TNS-2016-20", "trust": 1.7 }, { "db": "JUNIPER", "id": "JSA10759", "trust": 1.7 }, { "db": "SECTRACK", "id": "1036054", "trust": 1.7 }, { "db": "PULSESECURE", "id": "SA40312", "trust": 1.7 }, { "db": "SIEMENS", "id": "SSA-412672", "trust": 1.7 }, { "db": "JVN", "id": "JVNVU98667810", "trust": 0.8 }, { "db": "JVNDB", "id": "JVNDB-2016-003305", "trust": 0.8 }, { "db": "AUSCERT", "id": "ESB-2022.0696", "trust": 0.6 }, { "db": "AUSCERT", "id": "ESB-2019.2148", "trust": 0.6 }, { "db": "AUSCERT", "id": "ESB-2019.4645", "trust": 0.6 }, { "db": "CNNVD", "id": "CNNVD-201606-265", "trust": 0.6 }, { "db": "ICS CERT", "id": "ICSA-22-349-21", "trust": 0.1 }, { "db": "VULMON", "id": "CVE-2016-2178", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "138870", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "140717", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "143176", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "138817", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "138889", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "140056", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "138820", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "143181", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "138826", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "140182", "trust": 0.1 } ], "sources": [ { "db": "VULMON", "id": "CVE-2016-2178" }, { "db": "BID", "id": "91081" }, { "db": "JVNDB", "id": "JVNDB-2016-003305" }, { "db": "PACKETSTORM", "id": "138870" }, { "db": "PACKETSTORM", "id": "140717" }, { "db": "PACKETSTORM", "id": "143176" }, { "db": "PACKETSTORM", "id": "138817" }, { "db": "PACKETSTORM", "id": "138889" }, { "db": "PACKETSTORM", "id": "140056" }, { "db": "PACKETSTORM", "id": "138820" }, { "db": "PACKETSTORM", "id": "143181" }, { "db": "PACKETSTORM", "id": "138826" }, { "db": "PACKETSTORM", "id": "140182" }, { "db": "CNNVD", "id": "CNNVD-201606-265" }, { "db": "NVD", "id": "CVE-2016-2178" } ] }, "id": "VAR-201606-0477", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "VARIoT devices database", "id": null } ], "trust": 0.43269937899999994 }, "last_update_date": "2024-11-29T21:30:55.271000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "cisco-sa-20160927-openssl", "trust": 0.8, "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160927-openssl" }, { "title": "HPSBGN03658", "trust": 0.8, "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05302448" }, { "title": "1995039", "trust": 0.8, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21995039" }, { "title": "NV17-001", "trust": 0.8, "url": "http://jpn.nec.com/security-info/secinfo/nv17-001.html" }, { "title": "OpenSSL 1.0.2 Series Release Notes", "trust": 0.8, "url": "https://www.openssl.org/news/openssl-1.0.2-notes.html" }, { "title": "OpenSSL 1.0.1 Series Release Notes", "trust": 0.8, "url": "https://www.openssl.org/news/openssl-1.0.1-notes.html" }, { "title": "Security updates for all active release lines, September 2016", "trust": 0.8, "url": "https://nodejs.org/en/blog/vulnerability/september-2016-security-releases/" }, { "title": "Fix DSA, preserve BN_FLG_CONSTTIME", "trust": 0.8, "url": "https://git.openssl.org/?p=openssl.git;a=commit;h=399944622df7bd81af62e67ea967c470534090e2" }, { "title": "SUSE-SU-2016:2470", "trust": 0.8, "url": "https://lists.opensuse.org/opensuse-security-announce/2016-10/msg00013.html" }, { "title": "Oracle Critical Patch Update Advisory - October 2016", "trust": 0.8, "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html" }, { "title": "Oracle Linux Bulletin - October 2016", "trust": 0.8, "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html" }, { "title": "Oracle VM Server for x86 Bulletin - October 2016", "trust": 0.8, "url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinoct2016-3090547.html" }, { "title": "Oracle Solaris Third Party Bulletin - April 2016", "trust": 0.8, "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html" }, { "title": "Bug 1343400", "trust": 0.8, "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1343400" }, { "title": "SA132", "trust": 0.8, "url": "https://bto.bluecoat.com/security-advisory/sa132" }, { "title": "SA40312", "trust": 0.8, "url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40312" }, { "title": "JSA10759", "trust": 0.8, "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10759" }, { "title": "Splunk Enterprise 6.4.5 addresses multiple vulnerabilities", "trust": 0.8, "url": "http://www.splunk.com/view/SP-CAAAPUE" }, { "title": "Splunk Enterprise 6.5.1 addresses multiple OpenSSL vulnerabilities", "trust": 0.8, "url": "http://www.splunk.com/view/SP-CAAAPSV" }, { "title": "TNS-2016-16", "trust": 0.8, "url": "https://www.tenable.com/security/tns-2016-16" }, { "title": "TLSA-2016-17", "trust": 0.8, "url": "http://www.turbolinux.co.jp/security/2016/TLSA-2016-17j.html" }, { "title": "OpenSSL DSA Security vulnerabilities", "trust": 0.6, "url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=62222" }, { "title": "Red Hat: Important: Red Hat JBoss Enterprise Application Platform 6.4.16 natives update", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20171659 - Security Advisory" }, { "title": "Red Hat: Important: Red Hat JBoss Enterprise Application Platform 6.4.16 natives update", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20171658 - Security Advisory" }, { "title": "Red Hat: Important: Red Hat JBoss Core Services Apache HTTP Server 2.4.23 Release on RHEL 7", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20170194 - Security Advisory" }, { "title": "Red Hat: Important: Red Hat JBoss Core Services Apache HTTP Server 2.4.23 Release on RHEL 6", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20170193 - Security Advisory" }, { "title": "Red Hat: Important: openssl security update", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20161940 - Security Advisory" }, { "title": "Red Hat: CVE-2016-2178", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=CVE-2016-2178" }, { "title": "Arch Linux Issues: ", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_issues\u0026qid=CVE-2016-2178" }, { "title": "Ubuntu Security Notice: openssl vulnerabilities", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-3087-1" }, { "title": "Ubuntu Security Notice: openssl regression", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-3087-2" }, { "title": "Amazon Linux AMI: ALAS-2016-755", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=ALAS-2016-755" }, { "title": "Arch Linux Advisories: [ASA-201609-23] openssl: multiple issues", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_advisories\u0026qid=ASA-201609-23" }, { "title": "Arch Linux Advisories: [ASA-201609-24] lib32-openssl: multiple issues", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_advisories\u0026qid=ASA-201609-24" }, { "title": "Red Hat: Important: Red Hat JBoss Core Services Apache HTTP 2.4.23 Release", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20162957 - Security Advisory" }, { "title": "IBM: IBM Security Bulletin: Fabric OS firmware for Brocade 8Gb SAN Switch Module for BladeCenter is affected by vulnerabilities in OpenSSL and OpenSSH", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=b7f5b1e7edcafce07f28205855d4db49" }, { "title": "Oracle: Oracle Critical Patch Update Advisory - January 2017", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=69e9536e77203a3c76b24dd89f4f9300" }, { "title": "Tenable Security Advisories: [R7] Nessus 6.9 Fixes Multiple Vulnerabilities", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=tenable_security_advisories\u0026qid=TNS-2016-16" }, { "title": "Symantec Security Advisories: SA132 : OpenSSL Vulnerabilities 22-Sep-2016 and 26-Sep-2016", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=symantec_security_advisories\u0026qid=1e6dcaf5dac6ef96a7d917a8c1393040" }, { "title": "Cisco: Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: September 2016", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts\u0026qid=cisco-sa-20160927-openssl" }, { "title": "Oracle: Oracle Critical Patch Update Advisory - October 2016", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=05aabe19d38058b7814ef5514aab4c0c" }, { "title": "Oracle Solaris Third Party Bulletins: Oracle Solaris Third Party Bulletin - July 2016", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=oracle_solaris_third_party_bulletins\u0026qid=ac5af5dd99788925425f5747ec672707" }, { "title": "Tenable Security Advisories: [R3] PVS 5.2.0 Fixes Multiple Third-party Library Vulnerabilities", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=tenable_security_advisories\u0026qid=TNS-2016-20" }, { "title": "Tenable Security Advisories: [R2] LCE 4.8.2 Fixes Multiple Third-party Library Vulnerabilities", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=tenable_security_advisories\u0026qid=TNS-2016-21" }, { "title": "Oracle: Oracle Critical Patch Update Advisory - July 2017", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=2f446a7e1ea263c0c3a365776c6713f2" }, { "title": "Oracle Solaris Third Party Bulletins: Oracle Solaris Third Party Bulletin - April 2017", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=oracle_solaris_third_party_bulletins\u0026qid=a31bff03e9909229fd67996884614fdf" }, { "title": "Oracle Solaris Third Party Bulletins: Oracle Solaris Third Party Bulletin - April 2016", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=oracle_solaris_third_party_bulletins\u0026qid=976a4da35d55283870dbb31b88a6c655" }, { "title": "Oracle: Oracle Critical Patch Update Advisory - January 2018", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=e2a7f287e9acc8c64ab3df71130bc64d" }, { "title": "Oracle Solaris Third Party Bulletins: Oracle Solaris Third Party Bulletin - July 2018", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=oracle_solaris_third_party_bulletins\u0026qid=586e6062440cdd312211d748e028164e" }, { "title": "Oracle VM Server for x86 Bulletins: Oracle VM Server for x86 Bulletin - October 2016", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=oracle_vm_server_for_x86_bulletins\u0026qid=21c0efa2643d707e2f50a501209eb75c" }, { "title": "Oracle Linux Bulletins: Oracle Linux Bulletin - October 2016", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=oracle_linux_bulletins\u0026qid=13f3551b67d913fba90df4b2c0dae0bf" }, { "title": "Oracle: Oracle Critical Patch Update Advisory - April 2018", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=4019ca77f50c7a34e4d97833e6f3321e" }, { "title": "Oracle: Oracle Critical Patch Update Advisory - April 2017", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=143b3fb255063c81571469eaa3cf0a87" }, { "title": "Oracle: Oracle Critical Patch Update Advisory - October 2017", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=523d3f220a64ff01dd95e064bd37566a" }, { "title": "", "trust": 0.1, "url": "https://github.com/Live-Hack-CVE/CVE-2016-2178 " }, { "title": "alpine-cvecheck", "trust": 0.1, "url": "https://github.com/tomwillfixit/alpine-cvecheck " } ], "sources": [ { "db": "VULMON", "id": "CVE-2016-2178" }, { "db": "JVNDB", "id": "JVNDB-2016-003305" }, { "db": "CNNVD", "id": "CNNVD-201606-265" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-203", "trust": 1.0 }, { "problemtype": "CWE-200", "trust": 0.8 } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2016-003305" }, { "db": "NVD", "id": "CVE-2016-2178" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.7, "url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20160927-openssl" }, { "trust": 2.0, "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1343400" }, { "trust": 2.0, "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html" }, { "trust": 2.0, "url": "https://bto.bluecoat.com/security-advisory/sa132" }, { "trust": 2.0, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21995039" }, { "trust": 2.0, "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html" }, { "trust": 1.9, "url": "http://www.ubuntu.com/usn/usn-3087-1" }, { "trust": 1.8, "url": "http://eprint.iacr.org/2016/594.pdf" }, { "trust": 1.8, "url": "https://security.gentoo.org/glsa/201612-16" }, { "trust": 1.8, "url": "https://access.redhat.com/errata/rhsa-2017:1658" }, { "trust": 1.8, "url": "https://access.redhat.com/errata/rhsa-2017:0194" }, { "trust": 1.8, "url": "http://rhn.redhat.com/errata/rhsa-2017-1659.html" }, { "trust": 1.8, "url": "http://rhn.redhat.com/errata/rhsa-2016-2957.html" }, { "trust": 1.8, "url": "http://rhn.redhat.com/errata/rhsa-2016-1940.html" }, { "trust": 1.8, "url": "http://www.ubuntu.com/usn/usn-3087-2" }, { "trust": 1.7, "url": "http://www.openwall.com/lists/oss-security/2016/06/09/8" }, { "trust": 1.7, "url": "http://www.openwall.com/lists/oss-security/2016/06/08/2" }, { "trust": 1.7, "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html" }, { "trust": 1.7, "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00013.html" }, { "trust": 1.7, "url": "https://nodejs.org/en/blog/vulnerability/september-2016-security-releases/" }, { "trust": 1.7, "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c05302448" }, { "trust": 1.7, "url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinoct2016-3090547.html" }, { "trust": 1.7, "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html" }, { "trust": 1.7, "url": "http://www.securityfocus.com/bid/91081" }, { "trust": 1.7, "url": "http://www.securitytracker.com/id/1036054" }, { "trust": 1.7, "url": "http://www.splunk.com/view/sp-caaapue" }, { "trust": 1.7, "url": "http://www.splunk.com/view/sp-caaapsv" }, { "trust": 1.7, "url": "https://kb.pulsesecure.net/articles/pulse_security_advisories/sa40312" }, { "trust": 1.7, "url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10759" }, { "trust": 1.7, "url": "https://www.tenable.com/security/tns-2016-16" }, { "trust": 1.7, "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html" }, { "trust": 1.7, "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html" }, { "trust": 1.7, "url": "https://www.tenable.com/security/tns-2016-21" }, { "trust": 1.7, "url": "https://www.tenable.com/security/tns-2016-20" }, { "trust": 1.7, "url": "https://security.freebsd.org/advisories/freebsd-sa-16:26.openssl.asc" }, { "trust": 1.7, "url": "https://access.redhat.com/errata/rhsa-2017:0193" }, { "trust": 1.7, "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html" }, { "trust": 1.7, "url": "https://support.hpe.com/hpsc/doc/public/display?doclocale=en_us\u0026docid=emr_na-hpesbhf03856en_us" }, { "trust": 1.7, "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=sb10215" }, { "trust": 1.7, "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00005.html" }, { "trust": 1.7, "url": "http://www.debian.org/security/2016/dsa-3673" }, { "trust": 1.7, "url": "http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00024.html" }, { "trust": 1.7, "url": "https://support.f5.com/csp/article/k53084033" }, { "trust": 1.7, "url": "https://support.hpe.com/hpsc/doc/public/display?doclocale=en\u0026docid=emr_na-hpesbhf03856en_us" }, { "trust": 1.7, "url": "http://www.openwall.com/lists/oss-security/2016/06/08/12" }, { "trust": 1.7, "url": "http://www.openwall.com/lists/oss-security/2016/06/08/11" }, { "trust": 1.7, "url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00010.html" }, { "trust": 1.7, "url": "http://www.openwall.com/lists/oss-security/2016/06/08/10" }, { "trust": 1.7, "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00029.html" }, { "trust": 1.7, "url": "http://www.openwall.com/lists/oss-security/2016/06/08/6" }, { "trust": 1.7, "url": "http://www.openwall.com/lists/oss-security/2016/06/08/5" }, { "trust": 1.7, "url": "http://www.openwall.com/lists/oss-security/2016/06/08/4" }, { "trust": 1.7, "url": "https://www.arista.com/en/support/advisories-notices/security-advisories/1749-security-advisory-24" }, { "trust": 1.7, "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00012.html" }, { "trust": 1.7, "url": "http://www.openwall.com/lists/oss-security/2016/06/08/8" }, { "trust": 1.7, "url": "http://www.openwall.com/lists/oss-security/2016/06/08/7" }, { "trust": 1.7, "url": "http://lists.opensuse.org/opensuse-security-announce/2018-02/msg00032.html" }, { "trust": 1.7, "url": "http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00023.html" }, { "trust": 1.7, "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00011.html" }, { "trust": 1.7, "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170322-01-openssl-en" }, { "trust": 1.7, "url": "http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00031.html" }, { "trust": 1.7, "url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00011.html" }, { "trust": 1.7, "url": "http://seclists.org/fulldisclosure/2017/jul/31" }, { "trust": 1.7, "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00021.html" }, { "trust": 1.7, "url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?doclocale=en_us\u0026docid=emr_na-c05302448" }, { "trust": 1.7, "url": "http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00022.html" }, { "trust": 1.7, "url": "http://www.openwall.com/lists/oss-security/2016/06/09/2" }, { "trust": 1.7, "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf" }, { "trust": 1.1, "url": "https://git.openssl.org/?p=openssl.git%3ba=commit%3bh=399944622df7bd81af62e67ea967c470534090e2" }, { "trust": 0.9, "url": "https://git.openssl.org/?p=openssl.git;a=commit;h=399944622df7bd81af62e67ea967c470534090e2" }, { "trust": 0.9, "url": "https://nvd.nist.gov/vuln/detail/cve-2016-2178" }, { "trust": 0.8, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-2178" }, { "trust": 0.8, "url": "http://jvn.jp/vu/jvnvu98667810/index.html" }, { "trust": 0.8, "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-2178" }, { "trust": 0.8, "url": "http://www.bizmobile.co.jp/news_02.php?id=4069\u0026nc=1" }, { "trust": 0.8, "url": "https://nvd.nist.gov/vuln/detail/cve-2016-2177" }, { "trust": 0.7, "url": "https://nvd.nist.gov/vuln/detail/cve-2016-6304" }, { "trust": 0.6, "url": "https://www.openssl.org/news/vulnerabilities.html#y2017" }, { "trust": 0.6, "url": "https://www.suse.com/support/update/announcement/2019/suse-su-201914246-1.html" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/esb-2022.0696" }, { "trust": 0.6, "url": "http://www.ibm.com/support/docview.wss?uid=ibm10887855" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/esb-2019.4645/" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/esb-2019.2148/" }, { "trust": 0.5, "url": "https://access.redhat.com/security/updates/classification/#important" }, { "trust": 0.5, "url": "https://access.redhat.com/security/cve/cve-2016-2177" }, { "trust": 0.5, "url": "https://access.redhat.com/security/team/contact/" }, { "trust": 0.5, "url": "https://www.redhat.com/mailman/listinfo/rhsa-announce" }, { "trust": 0.5, "url": "https://nvd.nist.gov/vuln/detail/cve-2016-6306" }, { "trust": 0.5, "url": "https://bugzilla.redhat.com/):" }, { "trust": 0.5, "url": "https://access.redhat.com/security/cve/cve-2016-2178" }, { "trust": 0.5, "url": "https://nvd.nist.gov/vuln/detail/cve-2016-2180" }, { "trust": 0.5, "url": "https://nvd.nist.gov/vuln/detail/cve-2016-2183" }, { "trust": 0.4, "url": "https://nvd.nist.gov/vuln/detail/cve-2016-2182" }, { "trust": 0.4, "url": "https://nvd.nist.gov/vuln/detail/cve-2016-6302" }, { "trust": 0.4, "url": "https://nvd.nist.gov/vuln/detail/cve-2016-2179" }, { "trust": 0.4, "url": "https://nvd.nist.gov/vuln/detail/cve-2016-2181" }, { "trust": 0.3, "url": "http://openssl.org/" }, { "trust": 0.3, "url": "http://eprint.iacr.org/2016/594" }, { "trust": 0.3, "url": "http://aix.software.ibm.com/aix/efixes/security/openssl_advisory21.asc" }, { "trust": 0.3, "url": "https://www.ibm.com/blogs/psirt/ibm-security-bulletin-multiple-vulnerabilities-in-openssl-affect-ibm-worklight-and-ibm-mobilefirst-platform-foundation-2/" }, { "trust": 0.3, "url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1024394" }, { "trust": 0.3, "url": "http://www.ibm.com/support/docview.wss?uid=isg3t1024401" }, { "trust": 0.3, "url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1024507" }, { "trust": 0.3, "url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1024648" }, { "trust": 0.3, "url": "http://www-01.ibm.com/support/docview.wss?uid=nas8n1021643" }, { "trust": 0.3, "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html" }, { "trust": 0.3, "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html" }, { "trust": 0.3, "url": "https://kc.mcafee.com/resources/sites/mcafee/content/live/product_documentation/27000/pd27128/en_us/meg_7_6_406_3402_103_release_notes_en_us.pdf" }, { "trust": 0.3, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21995935" }, { "trust": 0.3, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21991896" }, { "trust": 0.3, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21994870" }, { "trust": 0.3, "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1s1009586" }, { "trust": 0.3, "url": "http://www.ibm.com/support/docview.wss?uid=ssg1s1009648" }, { "trust": 0.3, "url": "https://www-01.ibm.com/support/docview.wss?uid=swg21985392" }, { "trust": 0.3, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21991724" }, { "trust": 0.3, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21992348" }, { "trust": 0.3, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21992427" }, { "trust": 0.3, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21992681" }, { "trust": 0.3, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21992898" }, { "trust": 0.3, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21993061" }, { "trust": 0.3, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21993856" }, { "trust": 0.3, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21993875" }, { "trust": 0.3, "url": "http://www.ibm.com/support/docview.wss?uid=swg21994534" }, { "trust": 0.3, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21994861" }, { "trust": 0.3, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21995392" }, { "trust": 0.3, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21995393" }, { "trust": 0.3, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21995691" }, { "trust": 0.3, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg2c1000242" }, { "trust": 0.3, "url": "https://access.redhat.com/articles/11258" }, { "trust": 0.3, "url": "https://access.redhat.com/security/cve/cve-2016-6304" }, { "trust": 0.3, "url": "https://access.redhat.com/security/team/key/" }, { "trust": 0.3, "url": "https://nvd.nist.gov/vuln/detail/cve-2016-2108" }, { "trust": 0.3, "url": "https://nvd.nist.gov/vuln/detail/cve-2016-6303" }, { "trust": 0.2, "url": "https://access.redhat.com/security/cve/cve-2016-4459" }, { "trust": 0.2, "url": "https://access.redhat.com/security/cve/cve-2016-6808" }, { "trust": 0.2, "url": "https://access.redhat.com/security/cve/cve-2016-8612" }, { "trust": 0.2, "url": "https://access.redhat.com/security/cve/cve-2016-2108" }, { "trust": 0.2, "url": "https://access.redhat.com/articles/2688611" }, { "trust": 0.2, "url": "https://access.redhat.com/solutions/222023" }, { "trust": 0.2, "url": "https://access.redhat.com/security/cve/cve-2016-8610" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2016-8610" }, { "trust": 0.2, "url": "https://access.redhat.com/jbossnetwork/restricted/listsoftware.html?product=appplatform\u0026downloadtype=securitypatches\u0026version=6.4" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2016-2107" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2016-2109" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2016-2106" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2016-2105" }, { "trust": 0.1, "url": "https://cwe.mitre.org/data/definitions/203.html" }, { "trust": 0.1, "url": "https://github.com/live-hack-cve/cve-2016-2178" }, { "trust": 0.1, "url": "https://access.redhat.com/errata/rhsa-2017:1659" }, { "trust": 0.1, "url": "https://nvd.nist.gov" }, { "trust": 0.1, "url": "https://usn.ubuntu.com/3087-1/" }, { "trust": 0.1, "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-349-21" }, { "trust": 0.1, "url": "http://tools.cisco.com/security/center/viewalert.x?alertid=49001" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2016-2180" }, { "trust": 0.1, "url": "https://www.openssl.org/news/secadv/20160922.txt" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2016-6306" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2016-2181" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2016-2179" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2016-2182" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2016-6302" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2016-4459" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2016-8612" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2016-6808" }, { "trust": 0.1, "url": "https://access.redhat.com/documentation/en/jboss-enterprise-application-platform/" }, { "trust": 0.1, "url": "https://www.openssl.org/blog/blog/2016/06/27/undefined-pointer-arithmetic/" }, { "trust": 0.1, "url": "https://www.debian.org/security/faq" }, { "trust": 0.1, "url": "https://www.debian.org/security/" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-2105" }, { "trust": 0.1, "url": "https://security.gentoo.org/" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-2183" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-2107" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-2178" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-2176" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2016-7052" }, { "trust": 0.1, "url": "http://creativecommons.org/licenses/by-sa/2.5" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-6304" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-6305" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-2106" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-2108" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-7052" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-2109" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2016-6305" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2016-2176" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-2180" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-2177" }, { "trust": 0.1, "url": "https://bugs.gentoo.org." }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-6306" }, { "trust": 0.1, "url": "https://launchpad.net/ubuntu/+source/openssl/1.0.1-4ubuntu5.37" }, { "trust": 0.1, "url": "https://launchpad.net/ubuntu/+source/openssl/1.0.1f-1ubuntu2.20" }, { "trust": 0.1, "url": "https://launchpad.net/ubuntu/+source/openssl/1.0.2g-1ubuntu4.4" }, { "trust": 0.1, "url": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform/" }, { "trust": 0.1, "url": "https://launchpad.net/ubuntu/+source/openssl/1.0.1f-1ubuntu2.21" }, { "trust": 0.1, "url": "https://launchpad.net/ubuntu/+source/openssl/1.0.1-4ubuntu5.38" }, { "trust": 0.1, "url": "https://launchpad.net/ubuntu/+source/openssl/1.0.2g-1ubuntu4.5" }, { "trust": 0.1, "url": "https://launchpad.net/bugs/1626883" }, { "trust": 0.1, "url": "https://issues.jboss.org/):" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2016-0705" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2015-3196" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2016-4448" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2015-3216" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2016-2106" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2016-0702" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2016-0797" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2014-8176" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2016-1835" }, { "trust": 0.1, "url": "https://access.redhat.com/documentation/en/red-hat-jboss-core-services-apache-http-server/version-2.4.23/apache-http-server-2423-release-notes/" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2016-3705" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2016-1838" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2016-2107" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2016-0799" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2015-3196" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2016-1839" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2014-3523" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2016-4483" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2014-3523" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2016-2842" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2012-1148" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2016-1840" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2016-0797" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2015-3185" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2016-1836" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2016-0705" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2015-3185" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2015-3194" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2016-1833" }, { "trust": 0.1, "url": "https://access.redhat.com/jbossnetwork/restricted/listsoftware.html?product=core.service.apachehttp\u0026downloadtype=distributions\u0026version=2.4.23" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2016-2105" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2014-8176" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2016-1840" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2016-1836" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2016-1762" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2016-1835" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2016-4449" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2015-0286" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2016-1762" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2016-5420" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2015-3194" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2015-0286" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2016-3627" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2012-1148" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2016-1837" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2016-2109" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2016-1834" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2015-3195" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2015-0209" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2016-1837" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2016-1839" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2016-5419" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2015-0209" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2015-3195" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2016-0702" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2015-3216" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2016-1838" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2016-1833" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2016-1834" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2016-4447" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2016-7141" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2016-0799" } ], "sources": [ { "db": "VULMON", "id": "CVE-2016-2178" }, { "db": "BID", "id": "91081" }, { "db": "JVNDB", "id": "JVNDB-2016-003305" }, { "db": "PACKETSTORM", "id": "138870" }, { "db": "PACKETSTORM", "id": "140717" }, { "db": "PACKETSTORM", "id": "143176" }, { "db": "PACKETSTORM", "id": "138817" }, { "db": "PACKETSTORM", "id": "138889" }, { "db": "PACKETSTORM", "id": "140056" }, { "db": "PACKETSTORM", "id": "138820" }, { "db": "PACKETSTORM", "id": "143181" }, { "db": "PACKETSTORM", "id": "138826" }, { "db": "PACKETSTORM", "id": "140182" }, { "db": "CNNVD", "id": "CNNVD-201606-265" }, { "db": "NVD", "id": "CVE-2016-2178" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "VULMON", "id": "CVE-2016-2178" }, { "db": "BID", "id": "91081" }, { "db": "JVNDB", "id": "JVNDB-2016-003305" }, { "db": "PACKETSTORM", "id": "138870" }, { "db": "PACKETSTORM", "id": "140717" }, { "db": "PACKETSTORM", "id": "143176" }, { "db": "PACKETSTORM", "id": "138817" }, { "db": "PACKETSTORM", "id": "138889" }, { "db": "PACKETSTORM", "id": "140056" }, { "db": "PACKETSTORM", "id": "138820" }, { "db": "PACKETSTORM", "id": "143181" }, { "db": "PACKETSTORM", "id": "138826" }, { "db": "PACKETSTORM", "id": "140182" }, { "db": "CNNVD", "id": "CNNVD-201606-265" }, { "db": "NVD", "id": "CVE-2016-2178" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2016-06-20T00:00:00", "db": "VULMON", "id": "CVE-2016-2178" }, { "date": "2016-06-08T00:00:00", "db": "BID", "id": "91081" }, { "date": "2016-06-22T00:00:00", "db": "JVNDB", "id": "JVNDB-2016-003305" }, { "date": "2016-09-27T19:32:00", "db": "PACKETSTORM", "id": "138870" }, { "date": "2017-01-25T21:53:32", "db": "PACKETSTORM", "id": "140717" }, { "date": "2017-06-28T22:12:00", "db": "PACKETSTORM", "id": "143176" }, { "date": "2016-09-22T22:22:00", "db": "PACKETSTORM", "id": "138817" }, { "date": "2016-09-28T23:24:00", "db": "PACKETSTORM", "id": "138889" }, { "date": "2016-12-07T16:37:31", "db": "PACKETSTORM", "id": "140056" }, { "date": "2016-09-22T22:25:00", "db": "PACKETSTORM", "id": "138820" }, { "date": "2017-06-28T22:37:00", "db": "PACKETSTORM", "id": "143181" }, { "date": "2016-09-23T19:19:00", "db": "PACKETSTORM", "id": "138826" }, { "date": "2016-12-16T16:34:49", "db": "PACKETSTORM", "id": "140182" }, { "date": "2016-06-13T00:00:00", "db": "CNNVD", "id": "CNNVD-201606-265" }, { "date": "2016-06-20T01:59:03.023000", "db": "NVD", "id": "CVE-2016-2178" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2023-11-07T00:00:00", "db": "VULMON", "id": "CVE-2016-2178" }, { "date": "2018-02-05T14:00:00", "db": "BID", "id": "91081" }, { "date": "2017-10-03T00:00:00", "db": "JVNDB", "id": "JVNDB-2016-003305" }, { "date": "2022-12-14T00:00:00", "db": "CNNVD", "id": "CNNVD-201606-265" }, { "date": "2024-11-21T02:47:58.090000", "db": "NVD", "id": "CVE-2016-2178" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "local", "sources": [ { "db": "BID", "id": "91081" }, { "db": "CNNVD", "id": "CNNVD-201606-265" } ], "trust": 0.9 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "OpenSSL of crypto/dsa/dsa_ossl.c of dsa_sign_setup In function DSA Vulnerability to obtain a private key", "sources": [ { "db": "JVNDB", "id": "JVNDB-2016-003305" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "information disclosure", "sources": [ { "db": "CNNVD", "id": "CNNVD-201606-265" } ], "trust": 0.6 } }
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.